
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: circuitbreakers.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: CircuitBreaker
    listKind: CircuitBreakerList
    plural: circuitbreakers
    singular: circuitbreaker
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma CircuitBreaker resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: containerpatches.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ContainerPatch
    listKind: ContainerPatchList
    plural: containerpatches
    singular: containerpatch
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        description: ContainerPatch stores a list of patches to apply to init and
          sidecar containers.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            type: string
          metadata:
            type: object
          spec:
            description: ContainerPatchSpec specifies the options available for a
              ContainerPatch
            properties:
              initPatch:
                description: InitPatch specifies jsonpatch to apply to an init container.
                items:
                  description: JsonPatchBlock is one json patch operation block.
                  properties:
                    from:
                      description: From is a jsonpatch from string, used by move and
                        copy operations.
                      type: string
                    op:
                      description: Op is a jsonpatch operation string.
                      enum:
                      - add
                      - remove
                      - replace
                      - move
                      - copy
                      type: string
                    path:
                      description: Path is a jsonpatch path string.
                      type: string
                    value:
                      description: |-
                        Value must be a string representing a valid json object used
                        by replace and add operations. String has to be escaped with " to be valid a json object.
                      type: string
                  required:
                  - op
                  - path
                  type: object
                type: array
              sidecarPatch:
                description: SidecarPatch specifies jsonpatch to apply to a sidecar
                  container.
                items:
                  description: JsonPatchBlock is one json patch operation block.
                  properties:
                    from:
                      description: From is a jsonpatch from string, used by move and
                        copy operations.
                      type: string
                    op:
                      description: Op is a jsonpatch operation string.
                      enum:
                      - add
                      - remove
                      - replace
                      - move
                      - copy
                      type: string
                    path:
                      description: Path is a jsonpatch path string.
                      type: string
                    value:
                      description: |-
                        Value must be a string representing a valid json object used
                        by replace and add operations. String has to be escaped with " to be valid a json object.
                      type: string
                  required:
                  - op
                  - path
                  type: object
                type: array
            type: object
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: dataplaneinsights.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: DataplaneInsight
    listKind: DataplaneInsightList
    plural: dataplaneinsights
    singular: dataplaneinsight
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          status:
            description: Status is the status the Kuma resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: dataplanes.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: Dataplane
    listKind: DataplaneList
    plural: dataplanes
    singular: dataplane
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Service tag of the first inbound
      jsonPath: .spec.networking.inbound[0].tags['kuma\.io/service']
      name: kuma.io/service
      type: string
    - description: Service tag of the second inbound
      jsonPath: .spec.networking.inbound[1].tags['kuma\.io/service']
      name: kuma.io/service
      type: string
    - description: Service tag of the third inbound
      jsonPath: .spec.networking.inbound[2].tags['kuma\.io/service']
      name: kuma.io/service
      priority: 1
      type: string
    - description: Service tag of the fourth inbound
      jsonPath: .spec.networking.inbound[3].tags['kuma\.io/service']
      name: kuma.io/service
      priority: 1
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma Dataplane resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: externalservices.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ExternalService
    listKind: ExternalServiceList
    plural: externalservices
    singular: externalservice
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ExternalService resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: faultinjections.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: FaultInjection
    listKind: FaultInjectionList
    plural: faultinjections
    singular: faultinjection
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma FaultInjection resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: healthchecks.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: HealthCheck
    listKind: HealthCheckList
    plural: healthchecks
    singular: healthcheck
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma HealthCheck resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshaccesslogs.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshAccessLog
    listKind: MeshAccessLogList
    plural: meshaccesslogs
    singular: meshaccesslog
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshAccessLog resource.
            properties:
              from:
                description: From list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of clients referenced in
                        'targetRef'
                      properties:
                        backends:
                          items:
                            properties:
                              file:
                                description: FileBackend defines configuration for
                                  file based access logs
                                properties:
                                  format:
                                    description: |-
                                      Format of access logs. Placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    properties:
                                      json:
                                        example:
                                        - key: start_time
                                          value: '%START_TIME%'
                                        - key: bytes_received
                                          value: '%BYTES_RECEIVED%'
                                        items:
                                          properties:
                                            key:
                                              type: string
                                            value:
                                              type: string
                                          type: object
                                        type: array
                                      omitEmptyValues:
                                        default: false
                                        type: boolean
                                      plain:
                                        example: '[%START_TIME%] %KUMA_MESH% %UPSTREAM_HOST%'
                                        type: string
                                      type:
                                        enum:
                                        - Plain
                                        - Json
                                        type: string
                                    required:
                                    - type
                                    type: object
                                  path:
                                    description: Path to a file that logs will be
                                      written to
                                    example: /tmp/access.log
                                    minLength: 1
                                    type: string
                                required:
                                - path
                                type: object
                              openTelemetry:
                                description: Defines an OpenTelemetry logging backend.
                                properties:
                                  attributes:
                                    description: |-
                                      Attributes can contain placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    example:
                                    - key: mesh
                                      value: '%KUMA_MESH%'
                                    items:
                                      properties:
                                        key:
                                          type: string
                                        value:
                                          type: string
                                      type: object
                                    type: array
                                  body:
                                    description: |-
                                      Body is a raw string or an OTLP any value as described at
                                      https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/logs/data-model.md#field-body
                                      It can contain placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    example:
                                      kvlistValue:
                                        values:
                                        - key: mesh
                                          value:
                                            stringValue: '%KUMA_MESH%'
                                    x-kubernetes-preserve-unknown-fields: true
                                  endpoint:
                                    description: Endpoint of OpenTelemetry collector.
                                      An empty port defaults to 4317.
                                    example: otel-collector:4317
                                    minLength: 1
                                    type: string
                                required:
                                - endpoint
                                type: object
                              tcp:
                                description: TCPBackend defines a TCP logging backend.
                                properties:
                                  address:
                                    description: Address of the TCP logging backend
                                    example: 127.0.0.1:5000
                                    minLength: 1
                                    type: string
                                  format:
                                    description: |-
                                      Format of access logs. Placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    properties:
                                      json:
                                        example:
                                        - key: start_time
                                          value: '%START_TIME%'
                                        - key: bytes_received
                                          value: '%BYTES_RECEIVED%'
                                        items:
                                          properties:
                                            key:
                                              type: string
                                            value:
                                              type: string
                                          type: object
                                        type: array
                                      omitEmptyValues:
                                        default: false
                                        type: boolean
                                      plain:
                                        example: '[%START_TIME%] %KUMA_MESH% %UPSTREAM_HOST%'
                                        type: string
                                      type:
                                        enum:
                                        - Plain
                                        - Json
                                        type: string
                                    required:
                                    - type
                                    type: object
                                required:
                                - address
                                type: object
                              type:
                                enum:
                                - Tcp
                                - File
                                - OpenTelemetry
                                type: string
                            required:
                            - type
                            type: object
                          type: array
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        clients.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined in-place.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To list makes a match between the consumed services and
                  corresponding configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations referenced in
                        'targetRef'
                      properties:
                        backends:
                          items:
                            properties:
                              file:
                                description: FileBackend defines configuration for
                                  file based access logs
                                properties:
                                  format:
                                    description: |-
                                      Format of access logs. Placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    properties:
                                      json:
                                        example:
                                        - key: start_time
                                          value: '%START_TIME%'
                                        - key: bytes_received
                                          value: '%BYTES_RECEIVED%'
                                        items:
                                          properties:
                                            key:
                                              type: string
                                            value:
                                              type: string
                                          type: object
                                        type: array
                                      omitEmptyValues:
                                        default: false
                                        type: boolean
                                      plain:
                                        example: '[%START_TIME%] %KUMA_MESH% %UPSTREAM_HOST%'
                                        type: string
                                      type:
                                        enum:
                                        - Plain
                                        - Json
                                        type: string
                                    required:
                                    - type
                                    type: object
                                  path:
                                    description: Path to a file that logs will be
                                      written to
                                    example: /tmp/access.log
                                    minLength: 1
                                    type: string
                                required:
                                - path
                                type: object
                              openTelemetry:
                                description: Defines an OpenTelemetry logging backend.
                                properties:
                                  attributes:
                                    description: |-
                                      Attributes can contain placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    example:
                                    - key: mesh
                                      value: '%KUMA_MESH%'
                                    items:
                                      properties:
                                        key:
                                          type: string
                                        value:
                                          type: string
                                      type: object
                                    type: array
                                  body:
                                    description: |-
                                      Body is a raw string or an OTLP any value as described at
                                      https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/logs/data-model.md#field-body
                                      It can contain placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    example:
                                      kvlistValue:
                                        values:
                                        - key: mesh
                                          value:
                                            stringValue: '%KUMA_MESH%'
                                    x-kubernetes-preserve-unknown-fields: true
                                  endpoint:
                                    description: Endpoint of OpenTelemetry collector.
                                      An empty port defaults to 4317.
                                    example: otel-collector:4317
                                    minLength: 1
                                    type: string
                                required:
                                - endpoint
                                type: object
                              tcp:
                                description: TCPBackend defines a TCP logging backend.
                                properties:
                                  address:
                                    description: Address of the TCP logging backend
                                    example: 127.0.0.1:5000
                                    minLength: 1
                                    type: string
                                  format:
                                    description: |-
                                      Format of access logs. Placeholders available on
                                      https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators
                                    properties:
                                      json:
                                        example:
                                        - key: start_time
                                          value: '%START_TIME%'
                                        - key: bytes_received
                                          value: '%BYTES_RECEIVED%'
                                        items:
                                          properties:
                                            key:
                                              type: string
                                            value:
                                              type: string
                                          type: object
                                        type: array
                                      omitEmptyValues:
                                        default: false
                                        type: boolean
                                      plain:
                                        example: '[%START_TIME%] %KUMA_MESH% %UPSTREAM_HOST%'
                                        type: string
                                      type:
                                        enum:
                                        - Plain
                                        - Json
                                        type: string
                                    required:
                                    - type
                                    type: object
                                required:
                                - address
                                type: object
                              type:
                                enum:
                                - Tcp
                                - File
                                - OpenTelemetry
                                type: string
                            required:
                            - type
                            type: object
                          type: array
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshcircuitbreakers.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshCircuitBreaker
    listKind: MeshCircuitBreakerList
    plural: meshcircuitbreakers
    singular: meshcircuitbreaker
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshCircuitBreaker
              resource.
            properties:
              from:
                description: From list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations
                        referenced in 'targetRef'
                      properties:
                        connectionLimits:
                          description: |-
                            ConnectionLimits contains configuration of each circuit breaking limit,
                            which when exceeded makes the circuit breaker to become open (no traffic
                            is allowed like no current is allowed in the circuits when physical
                            circuit breaker ir open)
                          properties:
                            maxConnectionPools:
                              description: |-
                                The maximum number of connection pools per cluster that are concurrently
                                supported at once. Set this for clusters which create a large number of
                                connection pools.
                              format: int32
                              type: integer
                            maxConnections:
                              description: |-
                                The maximum number of connections allowed to be made to the upstream
                                cluster.
                              format: int32
                              type: integer
                            maxPendingRequests:
                              description: |-
                                The maximum number of pending requests that are allowed to the upstream
                                cluster. This limit is applied as a connection limit for non-HTTP
                                traffic.
                              format: int32
                              type: integer
                            maxRequests:
                              description: |-
                                The maximum number of parallel requests that are allowed to be made
                                to the upstream cluster. This limit does not apply to non-HTTP traffic.
                              format: int32
                              type: integer
                            maxRetries:
                              description: |-
                                The maximum number of parallel retries that will be allowed to
                                the upstream cluster.
                              format: int32
                              type: integer
                          type: object
                        outlierDetection:
                          description: |-
                            OutlierDetection contains the configuration of the process of dynamically
                            determining whether some number of hosts in an upstream cluster are
                            performing unlike the others and removing them from the healthy load
                            balancing set. Performance might be along different axes such as
                            consecutive failures, temporal success rate, temporal latency, etc.
                            Outlier detection is a form of passive health checking.
                          properties:
                            baseEjectionTime:
                              description: |-
                                The base time that a host is ejected for. The real time is equal to
                                the base time multiplied by the number of times the host has been
                                ejected.
                              type: string
                            detectors:
                              description: Contains configuration for supported outlier
                                detectors
                              properties:
                                failurePercentage:
                                  description: |-
                                    Failure Percentage based outlier detection functions similarly to success
                                    rate detection, in that it relies on success rate data from each host in
                                    a cluster. However, rather than compare those values to the mean success
                                    rate of the cluster as a whole, they are compared to a flat
                                    user-configured threshold. This threshold is configured via the
                                    outlierDetection.failurePercentageThreshold field.
                                    The other configuration fields for failure percentage based detection are
                                    similar to the fields for success rate detection. As with success rate
                                    detection, detection will not be performed for a host if its request
                                    volume over the aggregation interval is less than the
                                    outlierDetection.detectors.failurePercentage.requestVolume value.
                                    Detection also will not be performed for a cluster if the number of hosts
                                    with the minimum required request volume in an interval is less than the
                                    outlierDetection.detectors.failurePercentage.minimumHosts value.
                                  properties:
                                    minimumHosts:
                                      description: |-
                                        The minimum number of hosts in a cluster in order to perform failure
                                        percentage-based ejection. If the total number of hosts in the cluster is
                                        less than this value, failure percentage-based ejection will not be
                                        performed.
                                      format: int32
                                      type: integer
                                    requestVolume:
                                      description: |-
                                        The minimum number of total requests that must be collected in one
                                        interval (as defined by the interval duration above) to perform failure
                                        percentage-based ejection for this host. If the volume is lower than this
                                        setting, failure percentage-based ejection will not be performed for this
                                        host.
                                      format: int32
                                      type: integer
                                    threshold:
                                      description: |-
                                        The failure percentage to use when determining failure percentage-based
                                        outlier detection. If the failure percentage of a given host is greater
                                        than or equal to this value, it will be ejected.
                                      format: int32
                                      type: integer
                                  type: object
                                gatewayFailures:
                                  description: |-
                                    In the default mode (outlierDetection.splitExternalLocalOriginErrors is
                                    false) this detection type takes into account a subset of 5xx errors,
                                    called "gateway errors" (502, 503 or 504 status code) and local origin
                                    failures, such as timeout, TCP reset etc.
                                    In split mode (outlierDetection.splitExternalLocalOriginErrors is true)
                                    this detection type takes into account a subset of 5xx errors, called
                                    "gateway errors" (502, 503 or 504 status code) and is supported only by
                                    the http router.
                                  properties:
                                    consecutive:
                                      description: |-
                                        The number of consecutive gateway failures (502, 503, 504 status codes)
                                        before a consecutive gateway failure ejection occurs.
                                      format: int32
                                      type: integer
                                  type: object
                                localOriginFailures:
                                  description: |-
                                    This detection type is enabled only when
                                    outlierDetection.splitExternalLocalOriginErrors is true and takes into
                                    account only locally originated errors (timeout, reset, etc).
                                    If Envoy repeatedly cannot connect to an upstream host or communication
                                    with the upstream host is repeatedly interrupted, it will be ejected.
                                    Various locally originated problems are detected: timeout, TCP reset,
                                    ICMP errors, etc. This detection type is supported by http router and
                                    tcp proxy.
                                  properties:
                                    consecutive:
                                      description: |-
                                        The number of consecutive locally originated failures before ejection
                                        occurs. Parameter takes effect only when splitExternalAndLocalErrors
                                        is set to true.
                                      format: int32
                                      type: integer
                                  type: object
                                successRate:
                                  description: |-
                                    Success Rate based outlier detection aggregates success rate data from
                                    every host in a cluster. Then at given intervals ejects hosts based on
                                    statistical outlier detection. Success Rate outlier detection will not be
                                    calculated for a host if its request volume over the aggregation interval
                                    is less than the outlierDetection.detectors.successRate.requestVolume
                                    value.
                                    Moreover, detection will not be performed for a cluster if the number of
                                    hosts with the minimum required request volume in an interval is less
                                    than the outlierDetection.detectors.successRate.minimumHosts value.
                                    In the default configuration mode
                                    (outlierDetection.splitExternalLocalOriginErrors is false) this detection
                                    type takes into account all types of errors: locally and externally
                                    originated.
                                    In split mode (outlierDetection.splitExternalLocalOriginErrors is true),
                                    locally originated errors and externally originated (transaction) errors
                                    are counted and treated separately.
                                  properties:
                                    minimumHosts:
                                      description: |-
                                        The number of hosts in a cluster that must have enough request volume to
                                        detect success rate outliers. If the number of hosts is less than this
                                        setting, outlier detection via success rate statistics is not performed
                                        for any host in the cluster.
                                      format: int32
                                      type: integer
                                    requestVolume:
                                      description: |-
                                        The minimum number of total requests that must be collected in one
                                        interval (as defined by the interval duration configured in
                                        outlierDetection section) to include this host in success rate based
                                        outlier detection. If the volume is lower than this setting, outlier
                                        detection via success rate statistics is not performed for that host.
                                      format: int32
                                      type: integer
                                    standardDeviationFactor:
                                      anyOf:
                                      - type: integer
                                      - type: string
                                      description: |-
                                        This factor is used to determine the ejection threshold for success rate
                                        outlier ejection. The ejection threshold is the difference between
                                        the mean success rate, and the product of this factor and the standard
                                        deviation of the mean success rate: mean - (standard_deviation *
                                        success_rate_standard_deviation_factor).
                                        Either int or decimal represented as string.
                                      x-kubernetes-int-or-string: true
                                  type: object
                                totalFailures:
                                  description: |-
                                    In the default mode (outlierDetection.splitExternalAndLocalErrors is
                                    false) this detection type takes into account all generated errors:
                                    locally originated and externally originated (transaction) errors.
                                    In split mode (outlierDetection.splitExternalLocalOriginErrors is true)
                                    this detection type takes into account only externally originated
                                    (transaction) errors, ignoring locally originated errors.
                                    If an upstream host is an HTTP-server, only 5xx types of error are taken
                                    into account (see Consecutive Gateway Failure for exceptions).
                                    Properly formatted responses, even when they carry an operational error
                                    (like index not found, access denied) are not taken into account.
                                  properties:
                                    consecutive:
                                      description: |-
                                        The number of consecutive server-side error responses (for HTTP traffic,
                                        5xx responses; for TCP traffic, connection failures; for Redis, failure
                                        to respond PONG; etc.) before a consecutive total failure ejection
                                        occurs.
                                      format: int32
                                      type: integer
                                  type: object
                              type: object
                            disabled:
                              description: When set to true, outlierDetection configuration
                                won't take any effect
                              type: boolean
                            interval:
                              description: |-
                                The time interval between ejection analysis sweeps. This can result in
                                both new ejections and hosts being returned to service.
                              type: string
                            maxEjectionPercent:
                              description: |-
                                The maximum % of an upstream cluster that can be ejected due to outlier
                                detection. Defaults to 10% but will eject at least one host regardless of
                                the value.
                              format: int32
                              type: integer
                            splitExternalAndLocalErrors:
                              description: |-
                                Determines whether to distinguish local origin failures from external
                                errors. If set to true the following configuration parameters are taken
                                into account: detectors.localOriginFailures.consecutive
                              type: boolean
                          type: object
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined in place.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: |-
                  To list makes a match between the consumed services and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations
                        referenced in 'targetRef'
                      properties:
                        connectionLimits:
                          description: |-
                            ConnectionLimits contains configuration of each circuit breaking limit,
                            which when exceeded makes the circuit breaker to become open (no traffic
                            is allowed like no current is allowed in the circuits when physical
                            circuit breaker ir open)
                          properties:
                            maxConnectionPools:
                              description: |-
                                The maximum number of connection pools per cluster that are concurrently
                                supported at once. Set this for clusters which create a large number of
                                connection pools.
                              format: int32
                              type: integer
                            maxConnections:
                              description: |-
                                The maximum number of connections allowed to be made to the upstream
                                cluster.
                              format: int32
                              type: integer
                            maxPendingRequests:
                              description: |-
                                The maximum number of pending requests that are allowed to the upstream
                                cluster. This limit is applied as a connection limit for non-HTTP
                                traffic.
                              format: int32
                              type: integer
                            maxRequests:
                              description: |-
                                The maximum number of parallel requests that are allowed to be made
                                to the upstream cluster. This limit does not apply to non-HTTP traffic.
                              format: int32
                              type: integer
                            maxRetries:
                              description: |-
                                The maximum number of parallel retries that will be allowed to
                                the upstream cluster.
                              format: int32
                              type: integer
                          type: object
                        outlierDetection:
                          description: |-
                            OutlierDetection contains the configuration of the process of dynamically
                            determining whether some number of hosts in an upstream cluster are
                            performing unlike the others and removing them from the healthy load
                            balancing set. Performance might be along different axes such as
                            consecutive failures, temporal success rate, temporal latency, etc.
                            Outlier detection is a form of passive health checking.
                          properties:
                            baseEjectionTime:
                              description: |-
                                The base time that a host is ejected for. The real time is equal to
                                the base time multiplied by the number of times the host has been
                                ejected.
                              type: string
                            detectors:
                              description: Contains configuration for supported outlier
                                detectors
                              properties:
                                failurePercentage:
                                  description: |-
                                    Failure Percentage based outlier detection functions similarly to success
                                    rate detection, in that it relies on success rate data from each host in
                                    a cluster. However, rather than compare those values to the mean success
                                    rate of the cluster as a whole, they are compared to a flat
                                    user-configured threshold. This threshold is configured via the
                                    outlierDetection.failurePercentageThreshold field.
                                    The other configuration fields for failure percentage based detection are
                                    similar to the fields for success rate detection. As with success rate
                                    detection, detection will not be performed for a host if its request
                                    volume over the aggregation interval is less than the
                                    outlierDetection.detectors.failurePercentage.requestVolume value.
                                    Detection also will not be performed for a cluster if the number of hosts
                                    with the minimum required request volume in an interval is less than the
                                    outlierDetection.detectors.failurePercentage.minimumHosts value.
                                  properties:
                                    minimumHosts:
                                      description: |-
                                        The minimum number of hosts in a cluster in order to perform failure
                                        percentage-based ejection. If the total number of hosts in the cluster is
                                        less than this value, failure percentage-based ejection will not be
                                        performed.
                                      format: int32
                                      type: integer
                                    requestVolume:
                                      description: |-
                                        The minimum number of total requests that must be collected in one
                                        interval (as defined by the interval duration above) to perform failure
                                        percentage-based ejection for this host. If the volume is lower than this
                                        setting, failure percentage-based ejection will not be performed for this
                                        host.
                                      format: int32
                                      type: integer
                                    threshold:
                                      description: |-
                                        The failure percentage to use when determining failure percentage-based
                                        outlier detection. If the failure percentage of a given host is greater
                                        than or equal to this value, it will be ejected.
                                      format: int32
                                      type: integer
                                  type: object
                                gatewayFailures:
                                  description: |-
                                    In the default mode (outlierDetection.splitExternalLocalOriginErrors is
                                    false) this detection type takes into account a subset of 5xx errors,
                                    called "gateway errors" (502, 503 or 504 status code) and local origin
                                    failures, such as timeout, TCP reset etc.
                                    In split mode (outlierDetection.splitExternalLocalOriginErrors is true)
                                    this detection type takes into account a subset of 5xx errors, called
                                    "gateway errors" (502, 503 or 504 status code) and is supported only by
                                    the http router.
                                  properties:
                                    consecutive:
                                      description: |-
                                        The number of consecutive gateway failures (502, 503, 504 status codes)
                                        before a consecutive gateway failure ejection occurs.
                                      format: int32
                                      type: integer
                                  type: object
                                localOriginFailures:
                                  description: |-
                                    This detection type is enabled only when
                                    outlierDetection.splitExternalLocalOriginErrors is true and takes into
                                    account only locally originated errors (timeout, reset, etc).
                                    If Envoy repeatedly cannot connect to an upstream host or communication
                                    with the upstream host is repeatedly interrupted, it will be ejected.
                                    Various locally originated problems are detected: timeout, TCP reset,
                                    ICMP errors, etc. This detection type is supported by http router and
                                    tcp proxy.
                                  properties:
                                    consecutive:
                                      description: |-
                                        The number of consecutive locally originated failures before ejection
                                        occurs. Parameter takes effect only when splitExternalAndLocalErrors
                                        is set to true.
                                      format: int32
                                      type: integer
                                  type: object
                                successRate:
                                  description: |-
                                    Success Rate based outlier detection aggregates success rate data from
                                    every host in a cluster. Then at given intervals ejects hosts based on
                                    statistical outlier detection. Success Rate outlier detection will not be
                                    calculated for a host if its request volume over the aggregation interval
                                    is less than the outlierDetection.detectors.successRate.requestVolume
                                    value.
                                    Moreover, detection will not be performed for a cluster if the number of
                                    hosts with the minimum required request volume in an interval is less
                                    than the outlierDetection.detectors.successRate.minimumHosts value.
                                    In the default configuration mode
                                    (outlierDetection.splitExternalLocalOriginErrors is false) this detection
                                    type takes into account all types of errors: locally and externally
                                    originated.
                                    In split mode (outlierDetection.splitExternalLocalOriginErrors is true),
                                    locally originated errors and externally originated (transaction) errors
                                    are counted and treated separately.
                                  properties:
                                    minimumHosts:
                                      description: |-
                                        The number of hosts in a cluster that must have enough request volume to
                                        detect success rate outliers. If the number of hosts is less than this
                                        setting, outlier detection via success rate statistics is not performed
                                        for any host in the cluster.
                                      format: int32
                                      type: integer
                                    requestVolume:
                                      description: |-
                                        The minimum number of total requests that must be collected in one
                                        interval (as defined by the interval duration configured in
                                        outlierDetection section) to include this host in success rate based
                                        outlier detection. If the volume is lower than this setting, outlier
                                        detection via success rate statistics is not performed for that host.
                                      format: int32
                                      type: integer
                                    standardDeviationFactor:
                                      anyOf:
                                      - type: integer
                                      - type: string
                                      description: |-
                                        This factor is used to determine the ejection threshold for success rate
                                        outlier ejection. The ejection threshold is the difference between
                                        the mean success rate, and the product of this factor and the standard
                                        deviation of the mean success rate: mean - (standard_deviation *
                                        success_rate_standard_deviation_factor).
                                        Either int or decimal represented as string.
                                      x-kubernetes-int-or-string: true
                                  type: object
                                totalFailures:
                                  description: |-
                                    In the default mode (outlierDetection.splitExternalAndLocalErrors is
                                    false) this detection type takes into account all generated errors:
                                    locally originated and externally originated (transaction) errors.
                                    In split mode (outlierDetection.splitExternalLocalOriginErrors is true)
                                    this detection type takes into account only externally originated
                                    (transaction) errors, ignoring locally originated errors.
                                    If an upstream host is an HTTP-server, only 5xx types of error are taken
                                    into account (see Consecutive Gateway Failure for exceptions).
                                    Properly formatted responses, even when they carry an operational error
                                    (like index not found, access denied) are not taken into account.
                                  properties:
                                    consecutive:
                                      description: |-
                                        The number of consecutive server-side error responses (for HTTP traffic,
                                        5xx responses; for TCP traffic, connection failures; for Redis, failure
                                        to respond PONG; etc.) before a consecutive total failure ejection
                                        occurs.
                                      format: int32
                                      type: integer
                                  type: object
                              type: object
                            disabled:
                              description: When set to true, outlierDetection configuration
                                won't take any effect
                              type: boolean
                            interval:
                              description: |-
                                The time interval between ejection analysis sweeps. This can result in
                                both new ejections and hosts being returned to service.
                              type: string
                            maxEjectionPercent:
                              description: |-
                                The maximum % of an upstream cluster that can be ejected due to outlier
                                detection. Defaults to 10% but will eject at least one host regardless of
                                the value.
                              format: int32
                              type: integer
                            splitExternalAndLocalErrors:
                              description: |-
                                Determines whether to distinguish local origin failures from external
                                errors. If set to true the following configuration parameters are taken
                                into account: detectors.localOriginFailures.consecutive
                              type: boolean
                          type: object
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshes.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: Mesh
    listKind: MeshList
    plural: meshes
    singular: mesh
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma Mesh resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshfaultinjections.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshFaultInjection
    listKind: MeshFaultInjectionList
    plural: meshfaultinjections
    singular: meshfaultinjection
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshFaultInjection
              resource.
            properties:
              from:
                description: From list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations referenced in
                        'targetRef'
                      properties:
                        http:
                          description: Http allows to define list of Http faults between
                            dataplanes.
                          items:
                            description: FaultInjection defines the configuration
                              of faults between dataplanes.
                            properties:
                              abort:
                                description: |-
                                  Abort defines a configuration of not delivering requests to destination
                                  service and replacing the responses from destination dataplane by
                                  predefined status code
                                properties:
                                  httpStatus:
                                    description: HTTP status code which will be returned
                                      to source side
                                    format: int32
                                    type: integer
                                  percentage:
                                    anyOf:
                                    - type: integer
                                    - type: string
                                    description: |-
                                      Percentage of requests on which abort will be injected, has to be
                                      either int or decimal represented as string.
                                    x-kubernetes-int-or-string: true
                                required:
                                - httpStatus
                                - percentage
                                type: object
                              delay:
                                description: Delay defines configuration of delaying
                                  a response from a destination
                                properties:
                                  percentage:
                                    anyOf:
                                    - type: integer
                                    - type: string
                                    description: |-
                                      Percentage of requests on which delay will be injected, has to be
                                      either int or decimal represented as string.
                                    x-kubernetes-int-or-string: true
                                  value:
                                    description: The duration during which the response
                                      will be delayed
                                    type: string
                                required:
                                - percentage
                                - value
                                type: object
                              responseBandwidth:
                                description: |-
                                  ResponseBandwidth defines a configuration to limit the speed of
                                  responding to the requests
                                properties:
                                  limit:
                                    description: |-
                                      Limit is represented by value measure in Gbps, Mbps, kbps, e.g.
                                      10kbps
                                    type: string
                                  percentage:
                                    anyOf:
                                    - type: integer
                                    - type: string
                                    description: |-
                                      Percentage of requests on which response bandwidth limit will be
                                      either int or decimal represented as string.
                                    x-kubernetes-int-or-string: true
                                required:
                                - limit
                                - percentage
                                type: object
                            type: object
                          type: array
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations referenced in
                        'targetRef'
                      properties:
                        http:
                          description: Http allows to define list of Http faults between
                            dataplanes.
                          items:
                            description: FaultInjection defines the configuration
                              of faults between dataplanes.
                            properties:
                              abort:
                                description: |-
                                  Abort defines a configuration of not delivering requests to destination
                                  service and replacing the responses from destination dataplane by
                                  predefined status code
                                properties:
                                  httpStatus:
                                    description: HTTP status code which will be returned
                                      to source side
                                    format: int32
                                    type: integer
                                  percentage:
                                    anyOf:
                                    - type: integer
                                    - type: string
                                    description: |-
                                      Percentage of requests on which abort will be injected, has to be
                                      either int or decimal represented as string.
                                    x-kubernetes-int-or-string: true
                                required:
                                - httpStatus
                                - percentage
                                type: object
                              delay:
                                description: Delay defines configuration of delaying
                                  a response from a destination
                                properties:
                                  percentage:
                                    anyOf:
                                    - type: integer
                                    - type: string
                                    description: |-
                                      Percentage of requests on which delay will be injected, has to be
                                      either int or decimal represented as string.
                                    x-kubernetes-int-or-string: true
                                  value:
                                    description: The duration during which the response
                                      will be delayed
                                    type: string
                                required:
                                - percentage
                                - value
                                type: object
                              responseBandwidth:
                                description: |-
                                  ResponseBandwidth defines a configuration to limit the speed of
                                  responding to the requests
                                properties:
                                  limit:
                                    description: |-
                                      Limit is represented by value measure in Gbps, Mbps, kbps, e.g.
                                      10kbps
                                    type: string
                                  percentage:
                                    anyOf:
                                    - type: integer
                                    - type: string
                                    description: |-
                                      Percentage of requests on which response bandwidth limit will be
                                      either int or decimal represented as string.
                                    x-kubernetes-int-or-string: true
                                required:
                                - limit
                                - percentage
                                type: object
                            type: object
                          type: array
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshgatewayinstances.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshGatewayInstance
    listKind: MeshGatewayInstanceList
    plural: meshgatewayinstances
    singular: meshgatewayinstance
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        description: |-
          MeshGatewayInstance represents a managed instance of a dataplane proxy for a Kuma
          Gateway.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: MeshGatewayInstanceSpec specifies the options available for
              a GatewayDataplane.
            properties:
              podTemplate:
                description: PodTemplate configures the Pod owned by this config.
                properties:
                  metadata:
                    description: Metadata holds metadata configuration for a Service.
                    properties:
                      annotations:
                        additionalProperties:
                          type: string
                        description: Annotations holds annotations to be set on an
                          object.
                        type: object
                      labels:
                        additionalProperties:
                          type: string
                        description: Labels holds labels to be set on an objects.
                        type: object
                    type: object
                  spec:
                    description: Spec holds some customizable fields of a Pod.
                    properties:
                      container:
                        description: Container corresponds to PodSpec.Container
                        properties:
                          securityContext:
                            description: ContainerSecurityContext corresponds to PodSpec.Container.SecurityContext
                            properties:
                              readOnlyRootFilesystem:
                                description: ReadOnlyRootFilesystem corresponds to
                                  PodSpec.Container.SecurityContext.ReadOnlyRootFilesystem
                                type: boolean
                            type: object
                        type: object
                      securityContext:
                        description: PodSecurityContext corresponds to PodSpec.SecurityContext
                        properties:
                          fsGroup:
                            description: FSGroup corresponds to PodSpec.SecurityContext.FSGroup
                            format: int64
                            type: integer
                        type: object
                      serviceAccountName:
                        description: ServiceAccountName corresponds to PodSpec.ServiceAccountName.
                        type: string
                    type: object
                type: object
              replicas:
                default: 1
                description: |-
                  Replicas is the number of dataplane proxy replicas to create. For
                  now this is a fixed number, but in the future it could be
                  automatically scaled based on metrics.
                format: int32
                minimum: 1
                type: integer
              resources:
                description: |-
                  Resources specifies the compute resources for the proxy container.
                  The default can be set in the control plane config.
                properties:
                  claims:
                    description: |-
                      Claims lists the names of resources, defined in spec.resourceClaims,
                      that are used by this container.


                      This is an alpha field and requires enabling the
                      DynamicResourceAllocation feature gate.


                      This field is immutable. It can only be set for containers.
                    items:
                      description: ResourceClaim references one entry in PodSpec.ResourceClaims.
                      properties:
                        name:
                          description: |-
                            Name must match the name of one entry in pod.spec.resourceClaims of
                            the Pod where this field is used. It makes that resource available
                            inside a container.
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                    x-kubernetes-list-map-keys:
                    - name
                    x-kubernetes-list-type: map
                  limits:
                    additionalProperties:
                      anyOf:
                      - type: integer
                      - type: string
                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                      x-kubernetes-int-or-string: true
                    description: |-
                      Limits describes the maximum amount of compute resources allowed.
                      More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
                    type: object
                  requests:
                    additionalProperties:
                      anyOf:
                      - type: integer
                      - type: string
                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                      x-kubernetes-int-or-string: true
                    description: |-
                      Requests describes the minimum amount of compute resources required.
                      If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
                      otherwise to an implementation-defined value. Requests cannot exceed Limits.
                      More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
                    type: object
                type: object
              serviceTemplate:
                description: ServiceTemplate configures the Service owned by this
                  config.
                properties:
                  metadata:
                    description: Metadata holds metadata configuration for a Service.
                    properties:
                      annotations:
                        additionalProperties:
                          type: string
                        description: Annotations holds annotations to be set on an
                          object.
                        type: object
                      labels:
                        additionalProperties:
                          type: string
                        description: Labels holds labels to be set on an objects.
                        type: object
                    type: object
                  spec:
                    description: Spec holds some customizable fields of a Service.
                    properties:
                      loadBalancerIP:
                        description: LoadBalancerIP corresponds to ServiceSpec.LoadBalancerIP.
                        type: string
                    type: object
                type: object
              serviceType:
                default: LoadBalancer
                description: |-
                  ServiceType specifies the type of managed Service that will be
                  created to expose the dataplane proxies to traffic from outside
                  the cluster. The ports to expose will be taken from the matching Gateway
                  resource. If there is no matching Gateway, the managed Service will
                  be deleted.
                enum:
                - LoadBalancer
                - ClusterIP
                - NodePort
                type: string
              tags:
                additionalProperties:
                  type: string
                description: |-
                  Tags specifies the Kuma tags that are propagated to the managed
                  dataplane proxies. These tags should include exactly one
                  `kuma.io/service` tag, and should match exactly one Gateway
                  resource.
                type: object
            type: object
          status:
            description: |-
              MeshGatewayInstanceStatus holds information about the status of the gateway
              instance.
            properties:
              conditions:
                description: Conditions is an array of gateway instance conditions.
                items:
                  description: "Condition contains details for one aspect of the current
                    state of this API Resource.\n---\nThis struct is intended for
                    direct use as an array at the field path .status.conditions.  For
                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
                    observations of a foo's current state.\n\t    // Known .status.conditions.type
                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
                    \   // other fields\n\t}"
                  properties:
                    lastTransitionTime:
                      description: |-
                        lastTransitionTime is the last time the condition transitioned from one status to another.
                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: |-
                        message is a human readable message indicating details about the transition.
                        This may be an empty string.
                      maxLength: 32768
                      type: string
                    observedGeneration:
                      description: |-
                        observedGeneration represents the .metadata.generation that the condition was set based upon.
                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
                        with respect to the current state of the instance.
                      format: int64
                      minimum: 0
                      type: integer
                    reason:
                      description: |-
                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
                        Producers of specific condition types may define expected values and meanings for this field,
                        and whether the values are considered a guaranteed API.
                        The value should be a CamelCase string.
                        This field may not be empty.
                      maxLength: 1024
                      minLength: 1
                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                      type: string
                    status:
                      description: status of the condition, one of True, False, Unknown.
                      enum:
                      - "True"
                      - "False"
                      - Unknown
                      type: string
                    type:
                      description: |-
                        type of condition in CamelCase or in foo.example.com/CamelCase.
                        ---
                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
                        useful (see .node.status.conditions), the ability to deconflict is important.
                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                      maxLength: 316
                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                      type: string
                  required:
                  - lastTransitionTime
                  - message
                  - reason
                  - status
                  - type
                  type: object
                type: array
                x-kubernetes-list-map-keys:
                - type
                x-kubernetes-list-type: map
              loadBalancer:
                description: |-
                  LoadBalancer contains the current status of the load-balancer,
                  if one is present.
                properties:
                  ingress:
                    description: |-
                      Ingress is a list containing ingress points for the load-balancer.
                      Traffic intended for the service should be sent to these ingress points.
                    items:
                      description: |-
                        LoadBalancerIngress represents the status of a load-balancer ingress point:
                        traffic intended for the service should be sent to an ingress point.
                      properties:
                        hostname:
                          description: |-
                            Hostname is set for load-balancer ingress points that are DNS based
                            (typically AWS load-balancers)
                          type: string
                        ip:
                          description: |-
                            IP is set for load-balancer ingress points that are IP based
                            (typically GCE or OpenStack load-balancers)
                          type: string
                        ipMode:
                          description: |-
                            IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified.
                            Setting this to "VIP" indicates that traffic is delivered to the node with
                            the destination set to the load-balancer's IP and port.
                            Setting this to "Proxy" indicates that traffic is delivered to the node or pod with
                            the destination set to the node's IP and node port or the pod's IP and port.
                            Service implementations may use this information to adjust traffic routing.
                          type: string
                        ports:
                          description: |-
                            Ports is a list of records of service ports
                            If used, every port defined in the service should have an entry in it
                          items:
                            properties:
                              error:
                                description: |-
                                  Error is to record the problem with the service port
                                  The format of the error shall comply with the following rules:
                                  - built-in error values shall be specified in this file and those shall use
                                    CamelCase names
                                  - cloud provider specific error values must have names that comply with the
                                    format foo.example.com/CamelCase.
                                  ---
                                  The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                                maxLength: 316
                                pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                                type: string
                              port:
                                description: Port is the port number of the service
                                  port of which status is recorded here
                                format: int32
                                type: integer
                              protocol:
                                default: TCP
                                description: |-
                                  Protocol is the protocol of the service port of which status is recorded here
                                  The supported values are: "TCP", "UDP", "SCTP"
                                type: string
                            required:
                            - port
                            - protocol
                            type: object
                          type: array
                          x-kubernetes-list-type: atomic
                      type: object
                    type: array
                type: object
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshgatewayroutes.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshGatewayRoute
    listKind: MeshGatewayRouteList
    plural: meshgatewayroutes
    singular: meshgatewayroute
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshGatewayRoute resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshgateways.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshGateway
    listKind: MeshGatewayList
    plural: meshgateways
    singular: meshgateway
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshGateway resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshhealthchecks.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshHealthCheck
    listKind: MeshHealthCheckList
    plural: meshhealthchecks
    singular: meshhealthcheck
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshHealthCheck resource.
            properties:
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To list makes a match between the consumed services and
                  corresponding configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations referenced in
                        'targetRef'
                      properties:
                        alwaysLogHealthCheckFailures:
                          description: |-
                            If set to true, health check failure events will always be logged. If set
                            to false, only the initial health check failure event will be logged. The
                            default value is false.
                          type: boolean
                        eventLogPath:
                          description: |-
                            Specifies the path to the file where Envoy can log health check events.
                            If empty, no event log will be written.
                          type: string
                        failTrafficOnPanic:
                          description: |-
                            If set to true, Envoy will not consider any hosts when the cluster is in
                            'panic mode'. Instead, the cluster will fail all requests as if all hosts
                            are unhealthy. This can help avoid potentially overwhelming a failing
                            service.
                          type: boolean
                        grpc:
                          description: |-
                            GrpcHealthCheck defines gRPC configuration which will instruct the service
                            the health check will be made for is a gRPC service.
                          properties:
                            authority:
                              description: |-
                                The value of the :authority header in the gRPC health check request,
                                by default name of the cluster this health check is associated with
                              type: string
                            disabled:
                              description: If true the GrpcHealthCheck is disabled
                              type: boolean
                            serviceName:
                              description: Service name parameter which will be sent
                                to gRPC service
                              type: string
                          type: object
                        healthyPanicThreshold:
                          anyOf:
                          - type: integer
                          - type: string
                          description: |-
                            Allows to configure panic threshold for Envoy cluster. If not specified,
                            the default is 50%. To disable panic mode, set to 0%.
                            Either int or decimal represented as string.
                          x-kubernetes-int-or-string: true
                        healthyThreshold:
                          default: 1
                          description: Number of consecutive healthy checks before
                            considering a host healthy.
                          format: int32
                          type: integer
                        http:
                          description: |-
                            HttpHealthCheck defines HTTP configuration which will instruct the service
                            the health check will be made for is an HTTP service.
                          properties:
                            disabled:
                              description: If true the HttpHealthCheck is disabled
                              type: boolean
                            expectedStatuses:
                              description: List of HTTP response statuses which are
                                considered healthy
                              items:
                                format: int32
                                type: integer
                              type: array
                            path:
                              default: /
                              description: |-
                                The HTTP path which will be requested during the health check
                                (ie. /health)
                              type: string
                            requestHeadersToAdd:
                              description: |-
                                The list of HTTP headers which should be added to each health check
                                request
                              properties:
                                add:
                                  items:
                                    properties:
                                      name:
                                        maxLength: 256
                                        minLength: 1
                                        pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                        type: string
                                      value:
                                        type: string
                                    required:
                                    - name
                                    - value
                                    type: object
                                  maxItems: 16
                                  type: array
                                  x-kubernetes-list-map-keys:
                                  - name
                                  x-kubernetes-list-type: map
                                set:
                                  items:
                                    properties:
                                      name:
                                        maxLength: 256
                                        minLength: 1
                                        pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                        type: string
                                      value:
                                        type: string
                                    required:
                                    - name
                                    - value
                                    type: object
                                  maxItems: 16
                                  type: array
                                  x-kubernetes-list-map-keys:
                                  - name
                                  x-kubernetes-list-type: map
                              type: object
                          type: object
                        initialJitter:
                          description: |-
                            If specified, Envoy will start health checking after a random time in
                            ms between 0 and initialJitter. This only applies to the first health
                            check.
                          type: string
                        interval:
                          default: 1m
                          description: Interval between consecutive health checks.
                          type: string
                        intervalJitter:
                          description: |-
                            If specified, during every interval Envoy will add IntervalJitter to the
                            wait time.
                          type: string
                        intervalJitterPercent:
                          description: |-
                            If specified, during every interval Envoy will add IntervalJitter *
                            IntervalJitterPercent / 100 to the wait time. If IntervalJitter and
                            IntervalJitterPercent are both set, both of them will be used to
                            increase the wait time.
                          format: int32
                          type: integer
                        noTrafficInterval:
                          description: |-
                            The "no traffic interval" is a special health check interval that is used
                            when a cluster has never had traffic routed to it. This lower interval
                            allows cluster information to be kept up to date, without sending a
                            potentially large amount of active health checking traffic for no reason.
                            Once a cluster has been used for traffic routing, Envoy will shift back
                            to using the standard health check interval that is defined. Note that
                            this interval takes precedence over any other. The default value for "no
                            traffic interval" is 60 seconds.
                          type: string
                        reuseConnection:
                          description: Reuse health check connection between health
                            checks. Default is true.
                          type: boolean
                        tcp:
                          description: |-
                            TcpHealthCheck defines configuration for specifying bytes to send and
                            expected response during the health check
                          properties:
                            disabled:
                              description: If true the TcpHealthCheck is disabled
                              type: boolean
                            receive:
                              description: |-
                                List of Base64 encoded blocks of strings expected as a response. When checking the response,
                                "fuzzy" matching is performed such that each block must be found, and
                                in the order specified, but not necessarily contiguous.
                                If not provided or empty, checks will be performed as "connect only" and be marked as successful when TCP connection is successfully established.
                              items:
                                type: string
                              type: array
                            send:
                              description: Base64 encoded content of the message which
                                will be sent during the health check to the target
                              type: string
                          type: object
                        timeout:
                          default: 15s
                          description: Maximum time to wait for a health check response.
                          type: string
                        unhealthyThreshold:
                          default: 5
                          description: |-
                            Number of consecutive unhealthy checks before considering a host
                            unhealthy.
                          format: int32
                          type: integer
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshhttproutes.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshHTTPRoute
    listKind: MeshHTTPRouteList
    plural: meshhttproutes
    singular: meshhttproute
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshHTTPRoute resource.
            properties:
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To matches destination services of requests and holds
                  configuration.
                items:
                  properties:
                    hostnames:
                      description: |-
                        Hostnames is only valid when targeting MeshGateway and limits the
                        effects of the rules to requests to this hostname.
                        Given hostnames must intersect with the hostname of the listeners the
                        route attaches to.
                      items:
                        type: string
                      type: array
                    rules:
                      description: |-
                        Rules contains the routing rules applies to a combination of top-level
                        targetRef and the targetRef in this entry.
                      items:
                        properties:
                          default:
                            description: |-
                              Default holds routing rules that can be merged with rules from other
                              policies.
                            properties:
                              backendRefs:
                                items:
                                  description: BackendRef defines where to forward
                                    traffic.
                                  properties:
                                    kind:
                                      description: Kind of the referenced resource
                                      enum:
                                      - Mesh
                                      - MeshSubset
                                      - MeshGateway
                                      - MeshService
                                      - MeshServiceSubset
                                      - MeshHTTPRoute
                                      type: string
                                    mesh:
                                      description: Mesh is reserved for future use
                                        to identify cross mesh resources.
                                      type: string
                                    name:
                                      description: |-
                                        Name of the referenced resource. Can only be used with kinds: `MeshService`,
                                        `MeshServiceSubset` and `MeshGatewayRoute`
                                      type: string
                                    proxyTypes:
                                      description: |-
                                        ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                                        all data plane types are targeted by the policy.
                                      items:
                                        enum:
                                        - Sidecar
                                        - Gateway
                                        type: string
                                      minItems: 1
                                      type: array
                                    tags:
                                      additionalProperties:
                                        type: string
                                      description: |-
                                        Tags used to select a subset of proxies by tags. Can only be used with kinds
                                        `MeshSubset` and `MeshServiceSubset`
                                      type: object
                                    weight:
                                      default: 1
                                      minimum: 0
                                      type: integer
                                  type: object
                                type: array
                              filters:
                                items:
                                  properties:
                                    requestHeaderModifier:
                                      description: |-
                                        Only one action is supported per header name.
                                        Configuration to set or add multiple values for a header must use RFC 7230
                                        header value formatting, separating each value with a comma.
                                      properties:
                                        add:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                        remove:
                                          items:
                                            type: string
                                          maxItems: 16
                                          type: array
                                        set:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                      type: object
                                    requestMirror:
                                      properties:
                                        backendRef:
                                          description: TargetRef defines structure
                                            that allows attaching policy to various
                                            objects
                                          properties:
                                            kind:
                                              description: Kind of the referenced
                                                resource
                                              enum:
                                              - Mesh
                                              - MeshSubset
                                              - MeshGateway
                                              - MeshService
                                              - MeshServiceSubset
                                              - MeshHTTPRoute
                                              type: string
                                            mesh:
                                              description: Mesh is reserved for future
                                                use to identify cross mesh resources.
                                              type: string
                                            name:
                                              description: |-
                                                Name of the referenced resource. Can only be used with kinds: `MeshService`,
                                                `MeshServiceSubset` and `MeshGatewayRoute`
                                              type: string
                                            proxyTypes:
                                              description: |-
                                                ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                                                all data plane types are targeted by the policy.
                                              items:
                                                enum:
                                                - Sidecar
                                                - Gateway
                                                type: string
                                              minItems: 1
                                              type: array
                                            tags:
                                              additionalProperties:
                                                type: string
                                              description: |-
                                                Tags used to select a subset of proxies by tags. Can only be used with kinds
                                                `MeshSubset` and `MeshServiceSubset`
                                              type: object
                                          type: object
                                        percentage:
                                          anyOf:
                                          - type: integer
                                          - type: string
                                          description: |-
                                            Percentage of requests to mirror. If not specified, all requests
                                            to the target cluster will be mirrored.
                                          x-kubernetes-int-or-string: true
                                      required:
                                      - backendRef
                                      type: object
                                    requestRedirect:
                                      properties:
                                        hostname:
                                          description: |-
                                            PreciseHostname is the fully qualified domain name of a network host. This
                                            matches the RFC 1123 definition of a hostname with 1 notable exception that
                                            numeric IP addresses are not allowed.


                                            Note that as per RFC1035 and RFC1123, a *label* must consist of lower case
                                            alphanumeric characters or '-', and must start and end with an alphanumeric
                                            character. No other punctuation is allowed.
                                          maxLength: 253
                                          minLength: 1
                                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                                          type: string
                                        path:
                                          description: |-
                                            Path defines parameters used to modify the path of the incoming request.
                                            The modified path is then used to construct the location header.
                                            When empty, the request path is used as-is.
                                          properties:
                                            replaceFullPath:
                                              type: string
                                            replacePrefixMatch:
                                              type: string
                                            type:
                                              enum:
                                              - ReplaceFullPath
                                              - ReplacePrefixMatch
                                              type: string
                                          required:
                                          - type
                                          type: object
                                        port:
                                          description: |-
                                            Port is the port to be used in the value of the `Location`
                                            header in the response.
                                            When empty, port (if specified) of the request is used.
                                          format: int32
                                          maximum: 65535
                                          minimum: 1
                                          type: integer
                                        scheme:
                                          enum:
                                          - http
                                          - https
                                          type: string
                                        statusCode:
                                          default: 302
                                          description: StatusCode is the HTTP status
                                            code to be used in response.
                                          enum:
                                          - 301
                                          - 302
                                          - 303
                                          - 307
                                          - 308
                                          type: integer
                                      type: object
                                    responseHeaderModifier:
                                      description: |-
                                        Only one action is supported per header name.
                                        Configuration to set or add multiple values for a header must use RFC 7230
                                        header value formatting, separating each value with a comma.
                                      properties:
                                        add:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                        remove:
                                          items:
                                            type: string
                                          maxItems: 16
                                          type: array
                                        set:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                      type: object
                                    type:
                                      enum:
                                      - RequestHeaderModifier
                                      - ResponseHeaderModifier
                                      - RequestRedirect
                                      - URLRewrite
                                      - RequestMirror
                                      type: string
                                    urlRewrite:
                                      properties:
                                        hostToBackendHostname:
                                          description: |-
                                            HostToBackendHostname rewrites the hostname to the hostname of the
                                            upstream host. This option is only available when targeting MeshGateways.
                                          type: boolean
                                        hostname:
                                          description: Hostname is the value to be
                                            used to replace the host header value
                                            during forwarding.
                                          maxLength: 253
                                          minLength: 1
                                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                                          type: string
                                        path:
                                          description: Path defines a path rewrite.
                                          properties:
                                            replaceFullPath:
                                              type: string
                                            replacePrefixMatch:
                                              type: string
                                            type:
                                              enum:
                                              - ReplaceFullPath
                                              - ReplacePrefixMatch
                                              type: string
                                          required:
                                          - type
                                          type: object
                                      type: object
                                  required:
                                  - type
                                  type: object
                                type: array
                            type: object
                          matches:
                            description: |-
                              Matches describes how to match HTTP requests this rule should be applied
                              to.
                            items:
                              properties:
                                headers:
                                  items:
                                    description: |-
                                      HeaderMatch describes how to select an HTTP route by matching HTTP request
                                      headers.
                                    properties:
                                      name:
                                        description: |-
                                          Name is the name of the HTTP Header to be matched. Name MUST be lower case
                                          as they will be handled with case insensitivity (See https://tools.ietf.org/html/rfc7230#section-3.2).
                                        maxLength: 256
                                        minLength: 1
                                        pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                        type: string
                                      type:
                                        default: Exact
                                        description: Type specifies how to match against
                                          the value of the header.
                                        enum:
                                        - Exact
                                        - Present
                                        - RegularExpression
                                        - Absent
                                        - Prefix
                                        type: string
                                      value:
                                        description: Value is the value of HTTP Header
                                          to be matched.
                                        type: string
                                    required:
                                    - name
                                    type: object
                                  type: array
                                method:
                                  enum:
                                  - CONNECT
                                  - DELETE
                                  - GET
                                  - HEAD
                                  - OPTIONS
                                  - PATCH
                                  - POST
                                  - PUT
                                  - TRACE
                                  type: string
                                path:
                                  properties:
                                    type:
                                      enum:
                                      - Exact
                                      - PathPrefix
                                      - RegularExpression
                                      type: string
                                    value:
                                      description: |-
                                        Exact or prefix matches must be an absolute path. A prefix matches only
                                        if separated by a slash or the entire path.
                                      minLength: 1
                                      type: string
                                  required:
                                  - type
                                  - value
                                  type: object
                                queryParams:
                                  description: |-
                                    QueryParams matches based on HTTP URL query parameters. Multiple matches
                                    are ANDed together such that all listed matches must succeed.
                                  items:
                                    properties:
                                      name:
                                        minLength: 1
                                        type: string
                                      type:
                                        enum:
                                        - Exact
                                        - RegularExpression
                                        type: string
                                      value:
                                        type: string
                                    required:
                                    - name
                                    - type
                                    - value
                                    type: object
                                  type: array
                              type: object
                            minItems: 1
                            type: array
                        required:
                        - default
                        - matches
                        type: object
                      type: array
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        request destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  type: object
                type: array
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshinsights.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshInsight
    listKind: MeshInsightList
    plural: meshinsights
    singular: meshinsight
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshInsight resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshloadbalancingstrategies.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshLoadBalancingStrategy
    listKind: MeshLoadBalancingStrategyList
    plural: meshloadbalancingstrategies
    singular: meshloadbalancingstrategy
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshLoadBalancingStrategy
              resource.
            properties:
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To list makes a match between the consumed services and
                  corresponding configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations referenced in
                        'targetRef'
                      properties:
                        loadBalancer:
                          description: LoadBalancer allows to specify load balancing
                            algorithm.
                          properties:
                            leastRequest:
                              description: |-
                                LeastRequest selects N random available hosts as specified in 'choiceCount' (2 by default)
                                and picks the host which has the fewest active requests
                              properties:
                                activeRequestBias:
                                  anyOf:
                                  - type: integer
                                  - type: string
                                  description: |-
                                    ActiveRequestBias refers to dynamic weights applied when hosts have varying load
                                    balancing weights. A higher value here aggressively reduces the weight of endpoints
                                    that are currently handling active requests. In essence, the higher the ActiveRequestBias
                                    value, the more forcefully it reduces the load balancing weight of endpoints that are
                                    actively serving requests.
                                  x-kubernetes-int-or-string: true
                                choiceCount:
                                  description: |-
                                    ChoiceCount is the number of random healthy hosts from which the host with
                                    the fewest active requests will be chosen. Defaults to 2 so that Envoy performs
                                    two-choice selection if the field is not set.
                                  format: int32
                                  minimum: 2
                                  type: integer
                              type: object
                            maglev:
                              description: |-
                                Maglev implements consistent hashing to upstream hosts. Maglev can be used as
                                a drop in replacement for the ring hash load balancer any place in which
                                consistent hashing is desired.
                              properties:
                                hashPolicies:
                                  description: |-
                                    HashPolicies specify a list of request/connection properties that are used to calculate a hash.
                                    These hash policies are executed in the specified order. If a hash policy has the “terminal” attribute
                                    set to true, and there is already a hash generated, the hash is returned immediately,
                                    ignoring the rest of the hash policy list.
                                  items:
                                    properties:
                                      connection:
                                        properties:
                                          sourceIP:
                                            description: Hash on source IP address.
                                            type: boolean
                                        type: object
                                      cookie:
                                        properties:
                                          name:
                                            description: The name of the cookie that
                                              will be used to obtain the hash key.
                                            minLength: 1
                                            type: string
                                          path:
                                            description: The name of the path for
                                              the cookie.
                                            type: string
                                          ttl:
                                            description: If specified, a cookie with
                                              the TTL will be generated if the cookie
                                              is not present.
                                            type: string
                                        required:
                                        - name
                                        type: object
                                      filterState:
                                        properties:
                                          key:
                                            description: |-
                                              The name of the Object in the per-request filterState, which is
                                              an Envoy::Hashable object. If there is no data associated with the key,
                                              or the stored object is not Envoy::Hashable, no hash will be produced.
                                            minLength: 1
                                            type: string
                                        required:
                                        - key
                                        type: object
                                      header:
                                        properties:
                                          name:
                                            description: The name of the request header
                                              that will be used to obtain the hash
                                              key.
                                            minLength: 1
                                            type: string
                                        required:
                                        - name
                                        type: object
                                      queryParameter:
                                        properties:
                                          name:
                                            description: |-
                                              The name of the URL query parameter that will be used to obtain the hash key.
                                              If the parameter is not present, no hash will be produced. Query parameter names
                                              are case-sensitive.
                                            minLength: 1
                                            type: string
                                        required:
                                        - name
                                        type: object
                                      terminal:
                                        description: |-
                                          Terminal is a flag that short-circuits the hash computing. This field provides
                                          a ‘fallback’ style of configuration: “if a terminal policy doesn’t work, fallback
                                          to rest of the policy list”, it saves time when the terminal policy works.
                                          If true, and there is already a hash computed, ignore rest of the list of hash polices.
                                        type: boolean
                                      type:
                                        enum:
                                        - Header
                                        - Cookie
                                        - SourceIP
                                        - QueryParameter
                                        - FilterState
                                        type: string
                                    required:
                                    - type
                                    type: object
                                  type: array
                                tableSize:
                                  description: |-
                                    The table size for Maglev hashing. Maglev aims for “minimal disruption”
                                    rather than an absolute guarantee. Minimal disruption means that when
                                    the set of upstream hosts change, a connection will likely be sent
                                    to the same upstream as it was before. Increasing the table size reduces
                                    the amount of disruption. The table size must be prime number limited to 5000011.
                                    If it is not specified, the default is 65537.
                                  format: int32
                                  maximum: 5000011
                                  minimum: 1
                                  type: integer
                              type: object
                            random:
                              description: |-
                                Random selects a random available host. The random load balancer generally
                                performs better than round-robin if no health checking policy is configured.
                                Random selection avoids bias towards the host in the set that comes after a failed host.
                              type: object
                            ringHash:
                              description: |-
                                RingHash  implements consistent hashing to upstream hosts. Each host is mapped
                                onto a circle (the “ring”) by hashing its address; each request is then routed
                                to a host by hashing some property of the request, and finding the nearest
                                corresponding host clockwise around the ring.
                              properties:
                                hashFunction:
                                  description: |-
                                    HashFunction is a function used to hash hosts onto the ketama ring.
                                    The value defaults to XX_HASH. Available values – XX_HASH, MURMUR_HASH_2.
                                  enum:
                                  - XXHash
                                  - MurmurHash2
                                  type: string
                                hashPolicies:
                                  description: |-
                                    HashPolicies specify a list of request/connection properties that are used to calculate a hash.
                                    These hash policies are executed in the specified order. If a hash policy has the “terminal” attribute
                                    set to true, and there is already a hash generated, the hash is returned immediately,
                                    ignoring the rest of the hash policy list.
                                  items:
                                    properties:
                                      connection:
                                        properties:
                                          sourceIP:
                                            description: Hash on source IP address.
                                            type: boolean
                                        type: object
                                      cookie:
                                        properties:
                                          name:
                                            description: The name of the cookie that
                                              will be used to obtain the hash key.
                                            minLength: 1
                                            type: string
                                          path:
                                            description: The name of the path for
                                              the cookie.
                                            type: string
                                          ttl:
                                            description: If specified, a cookie with
                                              the TTL will be generated if the cookie
                                              is not present.
                                            type: string
                                        required:
                                        - name
                                        type: object
                                      filterState:
                                        properties:
                                          key:
                                            description: |-
                                              The name of the Object in the per-request filterState, which is
                                              an Envoy::Hashable object. If there is no data associated with the key,
                                              or the stored object is not Envoy::Hashable, no hash will be produced.
                                            minLength: 1
                                            type: string
                                        required:
                                        - key
                                        type: object
                                      header:
                                        properties:
                                          name:
                                            description: The name of the request header
                                              that will be used to obtain the hash
                                              key.
                                            minLength: 1
                                            type: string
                                        required:
                                        - name
                                        type: object
                                      queryParameter:
                                        properties:
                                          name:
                                            description: |-
                                              The name of the URL query parameter that will be used to obtain the hash key.
                                              If the parameter is not present, no hash will be produced. Query parameter names
                                              are case-sensitive.
                                            minLength: 1
                                            type: string
                                        required:
                                        - name
                                        type: object
                                      terminal:
                                        description: |-
                                          Terminal is a flag that short-circuits the hash computing. This field provides
                                          a ‘fallback’ style of configuration: “if a terminal policy doesn’t work, fallback
                                          to rest of the policy list”, it saves time when the terminal policy works.
                                          If true, and there is already a hash computed, ignore rest of the list of hash polices.
                                        type: boolean
                                      type:
                                        enum:
                                        - Header
                                        - Cookie
                                        - SourceIP
                                        - QueryParameter
                                        - FilterState
                                        type: string
                                    required:
                                    - type
                                    type: object
                                  type: array
                                maxRingSize:
                                  description: |-
                                    Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries,
                                    but can be lowered to further constrain resource use.
                                  format: int32
                                  maximum: 8000000
                                  minimum: 1
                                  type: integer
                                minRingSize:
                                  description: |-
                                    Minimum hash ring size. The larger the ring is (that is,
                                    the more hashes there are for each provided host) the better the request distribution
                                    will reflect the desired weights. Defaults to 1024 entries, and limited to 8M entries.
                                  format: int32
                                  maximum: 8000000
                                  minimum: 1
                                  type: integer
                              type: object
                            roundRobin:
                              description: |-
                                RoundRobin is a load balancing algorithm that distributes requests
                                across available upstream hosts in round-robin order.
                              type: object
                            type:
                              enum:
                              - RoundRobin
                              - LeastRequest
                              - RingHash
                              - Random
                              - Maglev
                              type: string
                          required:
                          - type
                          type: object
                        localityAwareness:
                          description: LocalityAwareness contains configuration for
                            locality aware load balancing.
                          properties:
                            crossZone:
                              description: |-
                                CrossZone defines locality aware load balancing priorities when dataplane proxies inside local zone
                                are unavailable
                              properties:
                                failover:
                                  description: Failover defines list of load balancing
                                    rules in order of priority
                                  items:
                                    properties:
                                      from:
                                        description: From defines the list of zones
                                          to which the rule applies
                                        properties:
                                          zones:
                                            items:
                                              type: string
                                            type: array
                                        required:
                                        - zones
                                        type: object
                                      to:
                                        description: To defines to which zones the
                                          traffic should be load balanced
                                        properties:
                                          type:
                                            description: Type defines how target zones
                                              will be picked from available zones
                                            enum:
                                            - None
                                            - Only
                                            - Any
                                            - AnyExcept
                                            type: string
                                          zones:
                                            items:
                                              type: string
                                            type: array
                                        required:
                                        - type
                                        type: object
                                    required:
                                    - to
                                    type: object
                                  type: array
                                failoverThreshold:
                                  description: |-
                                    FailoverThreshold defines the percentage of live destination dataplane proxies below which load balancing to the
                                    next priority starts.
                                    Example: If you configure failoverThreshold to 70, and you have deployed 10 destination dataplane proxies.
                                    Load balancing to next priority will start when number of live destination dataplane proxies drops below 7.
                                    Default 50
                                  properties:
                                    percentage:
                                      anyOf:
                                      - type: integer
                                      - type: string
                                      x-kubernetes-int-or-string: true
                                  required:
                                  - percentage
                                  type: object
                              type: object
                            disabled:
                              description: |-
                                Disabled allows to disable locality-aware load balancing.
                                When disabled requests are distributed across all endpoints regardless of locality.
                              type: boolean
                            localZone:
                              description: LocalZone defines locality aware load balancing
                                priorities between dataplane proxies inside a zone
                              properties:
                                affinityTags:
                                  description: AffinityTags list of tags for local
                                    zone load balancing.
                                  items:
                                    properties:
                                      key:
                                        description: Key defines tag for which affinity
                                          is configured
                                        type: string
                                      weight:
                                        description: |-
                                          Weight of the tag used for load balancing. The bigger the weight the bigger the priority.
                                          Percentage of local traffic load balanced to tag is computed by dividing weight by sum of weights from all tags.
                                          For example with two affinity tags first with weight 80 and second with weight 20,
                                          then 80% of traffic will be redirected to the first tag, and 20% of traffic will be redirected to second one.
                                          Setting weights is not mandatory. When weights are not set control plane will compute default weight based on list order.
                                          Default: If you do not specify weight we will adjust them so that 90% traffic goes to first tag, 9% to next, and 1% to third and so on.
                                        format: int32
                                        type: integer
                                    required:
                                    - key
                                    type: object
                                  type: array
                              type: object
                          type: object
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshmetrics.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshMetric
    listKind: MeshMetricList
    plural: meshmetrics
    singular: meshmetric
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshMetric resource.
            properties:
              default:
                description: MeshMetric configuration.
                properties:
                  applications:
                    description: Applications is a list of application that Dataplane
                      Proxy will scrape
                    items:
                      properties:
                        address:
                          description: Address on which an application listens.
                          type: string
                        name:
                          description: Name of the application to scrape
                          type: string
                        path:
                          default: /metrics/prometheus
                          description: Path on which an application expose HTTP endpoint
                            with metrics.
                          type: string
                        port:
                          description: Port on which an application expose HTTP endpoint
                            with metrics.
                          format: int32
                          type: integer
                      required:
                      - port
                      type: object
                    type: array
                  backends:
                    description: Backends list that will be used to collect metrics.
                    items:
                      properties:
                        openTelemetry:
                          description: OpenTelemetry backend configuration
                          properties:
                            endpoint:
                              description: Endpoint for OpenTelemetry collector
                              type: string
                          required:
                          - endpoint
                          type: object
                        prometheus:
                          description: Prometheus backend configuration.
                          properties:
                            clientId:
                              description: ClientId of the Prometheus backend. Needed
                                when using MADS for DP discovery.
                              type: string
                            path:
                              default: /metrics
                              description: Path on which a dataplane should expose
                                HTTP endpoint with Prometheus metrics.
                              type: string
                            port:
                              default: 5670
                              description: Port on which a dataplane should expose
                                HTTP endpoint with Prometheus metrics.
                              format: int32
                              type: integer
                            tls:
                              description: Configuration of TLS for prometheus listener.
                              properties:
                                mode:
                                  default: Disabled
                                  description: Configuration of TLS for Prometheus
                                    listener.
                                  enum:
                                  - Disabled
                                  - ProvidedTLS
                                  - ActiveMTLSBackend
                                  type: string
                              required:
                              - mode
                              type: object
                          required:
                          - path
                          - port
                          type: object
                        type:
                          description: Type of the backend that will be used to collect
                            metrics. At the moment only Prometheus backend is available.
                          enum:
                          - Prometheus
                          - OpenTelemetry
                          type: string
                      required:
                      - type
                      type: object
                    type: array
                  sidecar:
                    description: Sidecar metrics collection configuration
                    properties:
                      includeUnused:
                        default: false
                        description: |-
                          IncludeUnused if false will scrape only metrics that has been by sidecar (counters incremented
                          at least once, gauges changed at least once, and histograms added to at
                          least once). If true will scrape all metrics (even the ones with zeros).
                        type: boolean
                      regex:
                        description: Regex that will be used to filter sidecar metrics.
                          It uses Google RE2 engine https://github.com/google/re2
                        type: string
                    type: object
                type: object
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined in-place.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshproxypatches.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshProxyPatch
    listKind: MeshProxyPatchList
    plural: meshproxypatches
    singular: meshproxypatch
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshProxyPatch resource.
            properties:
              default:
                description: |-
                  Default is a configuration specific to the group of destinations
                  referenced in 'targetRef'.
                properties:
                  appendModifications:
                    description: AppendModifications is a list of modifications applied
                      on the selected proxy.
                    items:
                      properties:
                        cluster:
                          description: Cluster is a modification of Envoy's Cluster
                            resource.
                          properties:
                            jsonPatches:
                              description: |-
                                JsonPatches specifies list of jsonpatches to apply to on Envoy's Cluster
                                resource
                              items:
                                description: JsonPatchBlock is one json patch operation
                                  block.
                                properties:
                                  from:
                                    description: From is a jsonpatch from string,
                                      used by move and copy operations.
                                    type: string
                                  op:
                                    description: Op is a jsonpatch operation string.
                                    enum:
                                    - add
                                    - remove
                                    - replace
                                    - move
                                    - copy
                                    type: string
                                  path:
                                    description: Path is a jsonpatch path string.
                                    type: string
                                  value:
                                    description: Value must be a valid json value
                                      used by replace and add operations.
                                    x-kubernetes-preserve-unknown-fields: true
                                required:
                                - op
                                - path
                                type: object
                              type: array
                            match:
                              description: Match is a set of conditions that have
                                to be matched for modification operation to happen.
                              properties:
                                name:
                                  description: Name of the cluster to match.
                                  type: string
                                origin:
                                  description: |-
                                    Origin is the name of the component or plugin that generated the resource.


                                    Here is the list of well-known origins:
                                    inbound - resources generated for handling incoming traffic.
                                    outbound - resources generated for handling outgoing traffic.
                                    transparent - resources generated for transparent proxy functionality.
                                    prometheus - resources generated when Prometheus metrics are enabled.
                                    direct-access - resources generated for Direct Access functionality.
                                    ingress - resources generated for Zone Ingress.
                                    egress - resources generated for Zone Egress.
                                    gateway - resources generated for MeshGateway.


                                    The list is not complete, because policy plugins can introduce new resources.
                                    For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
                                  type: string
                              type: object
                            operation:
                              description: Operation to execute on matched cluster.
                              enum:
                              - Add
                              - Remove
                              - Patch
                              type: string
                            value:
                              description: Value of xDS resource in YAML format to
                                add or patch.
                              type: string
                          required:
                          - operation
                          type: object
                        httpFilter:
                          description: |-
                            HTTPFilter is a modification of Envoy HTTP Filter
                            available in HTTP Connection Manager in a Listener resource.
                          properties:
                            jsonPatches:
                              description: |-
                                JsonPatches specifies list of jsonpatches to apply to on Envoy's
                                HTTP Filter available in HTTP Connection Manager in a Listener resource.
                              items:
                                description: JsonPatchBlock is one json patch operation
                                  block.
                                properties:
                                  from:
                                    description: From is a jsonpatch from string,
                                      used by move and copy operations.
                                    type: string
                                  op:
                                    description: Op is a jsonpatch operation string.
                                    enum:
                                    - add
                                    - remove
                                    - replace
                                    - move
                                    - copy
                                    type: string
                                  path:
                                    description: Path is a jsonpatch path string.
                                    type: string
                                  value:
                                    description: Value must be a valid json value
                                      used by replace and add operations.
                                    x-kubernetes-preserve-unknown-fields: true
                                required:
                                - op
                                - path
                                type: object
                              type: array
                            match:
                              description: Match is a set of conditions that have
                                to be matched for modification operation to happen.
                              properties:
                                listenerName:
                                  description: Name of the listener to match.
                                  type: string
                                listenerTags:
                                  additionalProperties:
                                    type: string
                                  description: Listener tags available in Listener#Metadata#FilterMetadata[io.kuma.tags]
                                  type: object
                                name:
                                  description: Name of the HTTP filter. For example
                                    "envoy.filters.http.local_ratelimit"
                                  type: string
                                origin:
                                  description: |-
                                    Origin is the name of the component or plugin that generated the resource.


                                    Here is the list of well-known origins:
                                    inbound - resources generated for handling incoming traffic.
                                    outbound - resources generated for handling outgoing traffic.
                                    transparent - resources generated for transparent proxy functionality.
                                    prometheus - resources generated when Prometheus metrics are enabled.
                                    direct-access - resources generated for Direct Access functionality.
                                    ingress - resources generated for Zone Ingress.
                                    egress - resources generated for Zone Egress.
                                    gateway - resources generated for MeshGateway.


                                    The list is not complete, because policy plugins can introduce new resources.
                                    For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
                                  type: string
                              type: object
                            operation:
                              description: Operation to execute on matched listener.
                              enum:
                              - Remove
                              - Patch
                              - AddFirst
                              - AddBefore
                              - AddAfter
                              - AddLast
                              type: string
                            value:
                              description: Value of xDS resource in YAML format to
                                add or patch.
                              type: string
                          required:
                          - operation
                          type: object
                        listener:
                          description: Listener is a modification of Envoy's Listener
                            resource.
                          properties:
                            jsonPatches:
                              description: |-
                                JsonPatches specifies list of jsonpatches to apply to on Envoy's Listener
                                resource
                              items:
                                description: JsonPatchBlock is one json patch operation
                                  block.
                                properties:
                                  from:
                                    description: From is a jsonpatch from string,
                                      used by move and copy operations.
                                    type: string
                                  op:
                                    description: Op is a jsonpatch operation string.
                                    enum:
                                    - add
                                    - remove
                                    - replace
                                    - move
                                    - copy
                                    type: string
                                  path:
                                    description: Path is a jsonpatch path string.
                                    type: string
                                  value:
                                    description: Value must be a valid json value
                                      used by replace and add operations.
                                    x-kubernetes-preserve-unknown-fields: true
                                required:
                                - op
                                - path
                                type: object
                              type: array
                            match:
                              description: Match is a set of conditions that have
                                to be matched for modification operation to happen.
                              properties:
                                name:
                                  description: Name of the listener to match.
                                  type: string
                                origin:
                                  description: |-
                                    Origin is the name of the component or plugin that generated the resource.


                                    Here is the list of well-known origins:
                                    inbound - resources generated for handling incoming traffic.
                                    outbound - resources generated for handling outgoing traffic.
                                    transparent - resources generated for transparent proxy functionality.
                                    prometheus - resources generated when Prometheus metrics are enabled.
                                    direct-access - resources generated for Direct Access functionality.
                                    ingress - resources generated for Zone Ingress.
                                    egress - resources generated for Zone Egress.
                                    gateway - resources generated for MeshGateway.


                                    The list is not complete, because policy plugins can introduce new resources.
                                    For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
                                  type: string
                                tags:
                                  additionalProperties:
                                    type: string
                                  description: Tags available in Listener#Metadata#FilterMetadata[io.kuma.tags]
                                  type: object
                              type: object
                            operation:
                              description: Operation to execute on matched listener.
                              enum:
                              - Add
                              - Remove
                              - Patch
                              type: string
                            value:
                              description: Value of xDS resource in YAML format to
                                add or patch.
                              type: string
                          required:
                          - operation
                          type: object
                        networkFilter:
                          description: NetworkFilter is a modification of Envoy Listener's
                            filter.
                          properties:
                            jsonPatches:
                              description: |-
                                JsonPatches specifies list of jsonpatches to apply to on Envoy Listener's
                                filter.
                              items:
                                description: JsonPatchBlock is one json patch operation
                                  block.
                                properties:
                                  from:
                                    description: From is a jsonpatch from string,
                                      used by move and copy operations.
                                    type: string
                                  op:
                                    description: Op is a jsonpatch operation string.
                                    enum:
                                    - add
                                    - remove
                                    - replace
                                    - move
                                    - copy
                                    type: string
                                  path:
                                    description: Path is a jsonpatch path string.
                                    type: string
                                  value:
                                    description: Value must be a valid json value
                                      used by replace and add operations.
                                    x-kubernetes-preserve-unknown-fields: true
                                required:
                                - op
                                - path
                                type: object
                              type: array
                            match:
                              description: Match is a set of conditions that have
                                to be matched for modification operation to happen.
                              properties:
                                listenerName:
                                  description: Name of the listener to match.
                                  type: string
                                listenerTags:
                                  additionalProperties:
                                    type: string
                                  description: Listener tags available in Listener#Metadata#FilterMetadata[io.kuma.tags]
                                  type: object
                                name:
                                  description: Name of the network filter. For example
                                    "envoy.filters.network.ratelimit"
                                  type: string
                                origin:
                                  description: |-
                                    Origin is the name of the component or plugin that generated the resource.


                                    Here is the list of well-known origins:
                                    inbound - resources generated for handling incoming traffic.
                                    outbound - resources generated for handling outgoing traffic.
                                    transparent - resources generated for transparent proxy functionality.
                                    prometheus - resources generated when Prometheus metrics are enabled.
                                    direct-access - resources generated for Direct Access functionality.
                                    ingress - resources generated for Zone Ingress.
                                    egress - resources generated for Zone Egress.
                                    gateway - resources generated for MeshGateway.


                                    The list is not complete, because policy plugins can introduce new resources.
                                    For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
                                  type: string
                              type: object
                            operation:
                              description: Operation to execute on matched listener.
                              enum:
                              - Remove
                              - Patch
                              - AddFirst
                              - AddBefore
                              - AddAfter
                              - AddLast
                              type: string
                            value:
                              description: Value of xDS resource in YAML format to
                                add or patch.
                              type: string
                          required:
                          - operation
                          type: object
                        virtualHost:
                          description: |-
                            VirtualHost is a modification of Envoy's VirtualHost
                            referenced in HTTP Connection Manager in a Listener resource.
                          properties:
                            jsonPatches:
                              description: |-
                                JsonPatches specifies list of jsonpatches to apply to on Envoy's
                                VirtualHost resource
                              items:
                                description: JsonPatchBlock is one json patch operation
                                  block.
                                properties:
                                  from:
                                    description: From is a jsonpatch from string,
                                      used by move and copy operations.
                                    type: string
                                  op:
                                    description: Op is a jsonpatch operation string.
                                    enum:
                                    - add
                                    - remove
                                    - replace
                                    - move
                                    - copy
                                    type: string
                                  path:
                                    description: Path is a jsonpatch path string.
                                    type: string
                                  value:
                                    description: Value must be a valid json value
                                      used by replace and add operations.
                                    x-kubernetes-preserve-unknown-fields: true
                                required:
                                - op
                                - path
                                type: object
                              type: array
                            match:
                              description: Match is a set of conditions that have
                                to be matched for modification operation to happen.
                              properties:
                                name:
                                  description: Name of the VirtualHost to match.
                                  type: string
                                origin:
                                  description: |-
                                    Origin is the name of the component or plugin that generated the resource.


                                    Here is the list of well-known origins:
                                    inbound - resources generated for handling incoming traffic.
                                    outbound - resources generated for handling outgoing traffic.
                                    transparent - resources generated for transparent proxy functionality.
                                    prometheus - resources generated when Prometheus metrics are enabled.
                                    direct-access - resources generated for Direct Access functionality.
                                    ingress - resources generated for Zone Ingress.
                                    egress - resources generated for Zone Egress.
                                    gateway - resources generated for MeshGateway.


                                    The list is not complete, because policy plugins can introduce new resources.
                                    For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
                                  type: string
                                routeConfigurationName:
                                  description: Name of the RouteConfiguration resource
                                    to match.
                                  type: string
                              type: object
                            operation:
                              description: Operation to execute on matched listener.
                              enum:
                              - Add
                              - Remove
                              - Patch
                              type: string
                            value:
                              description: Value of xDS resource in YAML format to
                                add or patch.
                              type: string
                          required:
                          - match
                          - operation
                          type: object
                      type: object
                    type: array
                required:
                - appendModifications
                type: object
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
            required:
            - default
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshratelimits.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshRateLimit
    listKind: MeshRateLimitList
    plural: meshratelimits
    singular: meshratelimit
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshRateLimit resource.
            properties:
              from:
                description: From list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of clients referenced in
                        'targetRef'
                      properties:
                        local:
                          description: LocalConf defines local http or/and tcp rate
                            limit configuration
                          properties:
                            http:
                              description: |-
                                LocalHTTP defines confguration of local HTTP rate limiting
                                https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/local_rate_limit_filter
                              properties:
                                disabled:
                                  description: Define if rate limiting should be disabled.
                                  type: boolean
                                onRateLimit:
                                  description: Describes the actions to take on a
                                    rate limit event
                                  properties:
                                    headers:
                                      description: The Headers to be added to the
                                        HTTP response on a rate limit event
                                      properties:
                                        add:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                        set:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                      type: object
                                    status:
                                      description: The HTTP status code to be set
                                        on a rate limit event
                                      format: int32
                                      type: integer
                                  type: object
                                requestRate:
                                  description: Defines how many requests are allowed
                                    per interval.
                                  properties:
                                    interval:
                                      description: The interval the number of units
                                        is accounted for.
                                      type: string
                                    num:
                                      description: |-
                                        Number of units per interval (depending on usage it can be a number of requests,
                                        or a number of connections).
                                      format: int32
                                      type: integer
                                  required:
                                  - interval
                                  - num
                                  type: object
                              type: object
                            tcp:
                              description: |-
                                LocalTCP defines confguration of local TCP rate limiting
                                https://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/local_rate_limit_filter
                              properties:
                                connectionRate:
                                  description: Defines how many connections are allowed
                                    per interval.
                                  properties:
                                    interval:
                                      description: The interval the number of units
                                        is accounted for.
                                      type: string
                                    num:
                                      description: |-
                                        Number of units per interval (depending on usage it can be a number of requests,
                                        or a number of connections).
                                      format: int32
                                      type: integer
                                  required:
                                  - interval
                                  - num
                                  type: object
                                disabled:
                                  description: |-
                                    Define if rate limiting should be disabled.
                                    Default: false
                                  type: boolean
                              type: object
                          type: object
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        clients.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of clients referenced in
                        'targetRef'
                      properties:
                        local:
                          description: LocalConf defines local http or/and tcp rate
                            limit configuration
                          properties:
                            http:
                              description: |-
                                LocalHTTP defines confguration of local HTTP rate limiting
                                https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/local_rate_limit_filter
                              properties:
                                disabled:
                                  description: Define if rate limiting should be disabled.
                                  type: boolean
                                onRateLimit:
                                  description: Describes the actions to take on a
                                    rate limit event
                                  properties:
                                    headers:
                                      description: The Headers to be added to the
                                        HTTP response on a rate limit event
                                      properties:
                                        add:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                        set:
                                          items:
                                            properties:
                                              name:
                                                maxLength: 256
                                                minLength: 1
                                                pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                                type: string
                                              value:
                                                type: string
                                            required:
                                            - name
                                            - value
                                            type: object
                                          maxItems: 16
                                          type: array
                                          x-kubernetes-list-map-keys:
                                          - name
                                          x-kubernetes-list-type: map
                                      type: object
                                    status:
                                      description: The HTTP status code to be set
                                        on a rate limit event
                                      format: int32
                                      type: integer
                                  type: object
                                requestRate:
                                  description: Defines how many requests are allowed
                                    per interval.
                                  properties:
                                    interval:
                                      description: The interval the number of units
                                        is accounted for.
                                      type: string
                                    num:
                                      description: |-
                                        Number of units per interval (depending on usage it can be a number of requests,
                                        or a number of connections).
                                      format: int32
                                      type: integer
                                  required:
                                  - interval
                                  - num
                                  type: object
                              type: object
                            tcp:
                              description: |-
                                LocalTCP defines confguration of local TCP rate limiting
                                https://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/local_rate_limit_filter
                              properties:
                                connectionRate:
                                  description: Defines how many connections are allowed
                                    per interval.
                                  properties:
                                    interval:
                                      description: The interval the number of units
                                        is accounted for.
                                      type: string
                                    num:
                                      description: |-
                                        Number of units per interval (depending on usage it can be a number of requests,
                                        or a number of connections).
                                      format: int32
                                      type: integer
                                  required:
                                  - interval
                                  - num
                                  type: object
                                disabled:
                                  description: |-
                                    Define if rate limiting should be disabled.
                                    Default: false
                                  type: boolean
                              type: object
                          type: object
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        clients.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshretries.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshRetry
    listKind: MeshRetryList
    plural: meshretries
    singular: meshretry
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshRetry resource.
            properties:
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To list makes a match between the consumed services and
                  corresponding configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations referenced in
                        'targetRef'
                      properties:
                        grpc:
                          description: GRPC defines a configuration of retries for
                            GRPC traffic
                          properties:
                            backOff:
                              description: |-
                                BackOff is a configuration of durations which will be used in an exponential
                                backoff strategy between retries.
                              properties:
                                baseInterval:
                                  default: 25ms
                                  description: |-
                                    BaseInterval is an amount of time which should be taken between retries.
                                    Must be greater than zero. Values less than 1 ms are rounded up to 1 ms.
                                  type: string
                                maxInterval:
                                  description: |-
                                    MaxInterval is a maximal amount of time which will be taken between retries.
                                    Default is 10 times the "BaseInterval".
                                  type: string
                              type: object
                            numRetries:
                              description: |-
                                NumRetries is the number of attempts that will be made on failed (and
                                retriable) requests. If not set, the default value is 1.
                              format: int32
                              type: integer
                            perTryTimeout:
                              description: |-
                                PerTryTimeout is the maximum amount of time each retry attempt can take
                                before it times out. If not set, the global request timeout for the route
                                will be used. Setting this value to 0 will disable the per-try timeout.
                              type: string
                            rateLimitedBackOff:
                              description: |-
                                RateLimitedBackOff is a configuration of backoff which will be used when
                                the upstream returns one of the headers configured.
                              properties:
                                maxInterval:
                                  default: 300s
                                  description: MaxInterval is a maximal amount of
                                    time which will be taken between retries.
                                  type: string
                                resetHeaders:
                                  description: |-
                                    ResetHeaders specifies the list of headers (like Retry-After or X-RateLimit-Reset)
                                    to match against the response. Headers are tried in order, and matched
                                    case-insensitive. The first header to be parsed successfully is used.
                                    If no headers match the default exponential BackOff is used instead.
                                  items:
                                    properties:
                                      format:
                                        description: The format of the reset header.
                                        enum:
                                        - Seconds
                                        - UnixTimestamp
                                        type: string
                                      name:
                                        description: The Name of the reset header.
                                        maxLength: 256
                                        minLength: 1
                                        pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                        type: string
                                    required:
                                    - format
                                    - name
                                    type: object
                                  type: array
                              type: object
                            retryOn:
                              description: RetryOn is a list of conditions which will
                                cause a retry.
                              example:
                              - Canceled
                              - DeadlineExceeded
                              - Internal
                              - ResourceExhausted
                              - Unavailable
                              items:
                                enum:
                                - Canceled
                                - DeadlineExceeded
                                - Internal
                                - ResourceExhausted
                                - Unavailable
                                type: string
                              type: array
                          type: object
                        http:
                          description: HTTP defines a configuration of retries for
                            HTTP traffic
                          properties:
                            backOff:
                              description: |-
                                BackOff is a configuration of durations which will be used in exponential
                                backoff strategy between retries.
                              properties:
                                baseInterval:
                                  default: 25ms
                                  description: |-
                                    BaseInterval is an amount of time which should be taken between retries.
                                    Must be greater than zero. Values less than 1 ms are rounded up to 1 ms.
                                  type: string
                                maxInterval:
                                  description: |-
                                    MaxInterval is a maximal amount of time which will be taken between retries.
                                    Default is 10 times the "BaseInterval".
                                  type: string
                              type: object
                            hostSelection:
                              description: |-
                                HostSelection is a list of predicates that dictate how hosts should be selected
                                when requests are retried.
                              items:
                                properties:
                                  predicate:
                                    description: Type is requested predicate mode.
                                    enum:
                                    - OmitPreviousHosts
                                    - OmitHostsWithTags
                                    - OmitPreviousPriorities
                                    type: string
                                  tags:
                                    additionalProperties:
                                      type: string
                                    description: |-
                                      Tags is a map of metadata to match against for selecting the omitted hosts. Required if Type is
                                      OmitHostsWithTags
                                    type: object
                                  updateFrequency:
                                    default: 2
                                    description: |-
                                      UpdateFrequency is how often the priority load should be updated based on previously attempted priorities.
                                      Used for OmitPreviousPriorities.
                                    format: int32
                                    type: integer
                                required:
                                - predicate
                                type: object
                              type: array
                            hostSelectionMaxAttempts:
                              description: |-
                                HostSelectionMaxAttempts is the maximum number of times host selection will be
                                reattempted before giving up, at which point the host that was last selected will
                                be routed to. If unspecified, this will default to retrying once.
                              format: int64
                              type: integer
                            numRetries:
                              description: |-
                                NumRetries is the number of attempts that will be made on failed (and
                                retriable) requests.  If not set, the default value is 1.
                              format: int32
                              type: integer
                            perTryTimeout:
                              description: |-
                                PerTryTimeout is the amount of time after which retry attempt should time out.
                                If left unspecified, the global route timeout for the request will be used.
                                Consequently, when using a 5xx based retry policy, a request that times out
                                will not be retried as the total timeout budget would have been exhausted.
                                Setting this timeout to 0 will disable it.
                              type: string
                            rateLimitedBackOff:
                              description: |-
                                RateLimitedBackOff is a configuration of backoff which will be used
                                when the upstream returns one of the headers configured.
                              properties:
                                maxInterval:
                                  default: 300s
                                  description: MaxInterval is a maximal amount of
                                    time which will be taken between retries.
                                  type: string
                                resetHeaders:
                                  description: |-
                                    ResetHeaders specifies the list of headers (like Retry-After or X-RateLimit-Reset)
                                    to match against the response. Headers are tried in order, and matched
                                    case-insensitive. The first header to be parsed successfully is used.
                                    If no headers match the default exponential BackOff is used instead.
                                  items:
                                    properties:
                                      format:
                                        description: The format of the reset header.
                                        enum:
                                        - Seconds
                                        - UnixTimestamp
                                        type: string
                                      name:
                                        description: The Name of the reset header.
                                        maxLength: 256
                                        minLength: 1
                                        pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                        type: string
                                    required:
                                    - format
                                    - name
                                    type: object
                                  type: array
                              type: object
                            retriableRequestHeaders:
                              description: |-
                                RetriableRequestHeaders is an HTTP headers which must be present in the request
                                for retries to be attempted.
                              items:
                                description: |-
                                  HeaderMatch describes how to select an HTTP route by matching HTTP request
                                  headers.
                                properties:
                                  name:
                                    description: |-
                                      Name is the name of the HTTP Header to be matched. Name MUST be lower case
                                      as they will be handled with case insensitivity (See https://tools.ietf.org/html/rfc7230#section-3.2).
                                    maxLength: 256
                                    minLength: 1
                                    pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                    type: string
                                  type:
                                    default: Exact
                                    description: Type specifies how to match against
                                      the value of the header.
                                    enum:
                                    - Exact
                                    - Present
                                    - RegularExpression
                                    - Absent
                                    - Prefix
                                    type: string
                                  value:
                                    description: Value is the value of HTTP Header
                                      to be matched.
                                    type: string
                                required:
                                - name
                                type: object
                              type: array
                            retriableResponseHeaders:
                              description: |-
                                RetriableResponseHeaders is an HTTP response headers that trigger a retry
                                if present in the response. A retry will be triggered if any of the header
                                matches the upstream response headers.
                              items:
                                description: |-
                                  HeaderMatch describes how to select an HTTP route by matching HTTP request
                                  headers.
                                properties:
                                  name:
                                    description: |-
                                      Name is the name of the HTTP Header to be matched. Name MUST be lower case
                                      as they will be handled with case insensitivity (See https://tools.ietf.org/html/rfc7230#section-3.2).
                                    maxLength: 256
                                    minLength: 1
                                    pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$
                                    type: string
                                  type:
                                    default: Exact
                                    description: Type specifies how to match against
                                      the value of the header.
                                    enum:
                                    - Exact
                                    - Present
                                    - RegularExpression
                                    - Absent
                                    - Prefix
                                    type: string
                                  value:
                                    description: Value is the value of HTTP Header
                                      to be matched.
                                    type: string
                                required:
                                - name
                                type: object
                              type: array
                            retryOn:
                              description: |-
                                RetryOn is a list of conditions which will cause a retry. Available values are:
                                [5XX, GatewayError, Reset, Retriable4xx, ConnectFailure, EnvoyRatelimited,
                                RefusedStream, Http3PostConnectFailure, HttpMethodConnect, HttpMethodDelete,
                                HttpMethodGet, HttpMethodHead, HttpMethodOptions, HttpMethodPatch,
                                HttpMethodPost, HttpMethodPut, HttpMethodTrace].
                                Also, any HTTP status code (500, 503, etc.).
                              example:
                              - 5XX
                              - GatewayError
                              - Reset
                              - Retriable4xx
                              - ConnectFailure
                              - EnvoyRatelimited
                              - RefusedStream
                              - Http3PostConnectFailure
                              - HttpMethodConnect
                              - HttpMethodDelete
                              - HttpMethodGet
                              - HttpMethodHead
                              - HttpMethodOptions
                              - HttpMethodPatch
                              - HttpMethodPost
                              - HttpMethodPut
                              - HttpMethodTrace
                              - "500"
                              - "503"
                              items:
                                type: string
                              type: array
                          type: object
                        tcp:
                          description: TCP defines a configuration of retries for
                            TCP traffic
                          properties:
                            maxConnectAttempt:
                              description: |-
                                MaxConnectAttempt is a maximal amount of TCP connection attempts
                                which will be made before giving up
                              format: int32
                              type: integer
                          type: object
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshtcproutes.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshTCPRoute
    listKind: MeshTCPRouteList
    plural: meshtcproutes
    singular: meshtcproute
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshTCPRoute resource.
            properties:
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined in-place.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: |-
                  To list makes a match between the consumed services and corresponding
                  configurations
                items:
                  properties:
                    rules:
                      description: |-
                        Rules contains the routing rules applies to a combination of top-level
                        targetRef and the targetRef in this entry.
                      items:
                        properties:
                          default:
                            description: |-
                              Default holds routing rules that can be merged with rules from other
                              policies.
                            properties:
                              backendRefs:
                                items:
                                  description: BackendRef defines where to forward
                                    traffic.
                                  properties:
                                    kind:
                                      description: Kind of the referenced resource
                                      enum:
                                      - Mesh
                                      - MeshSubset
                                      - MeshGateway
                                      - MeshService
                                      - MeshServiceSubset
                                      - MeshHTTPRoute
                                      type: string
                                    mesh:
                                      description: Mesh is reserved for future use
                                        to identify cross mesh resources.
                                      type: string
                                    name:
                                      description: |-
                                        Name of the referenced resource. Can only be used with kinds: `MeshService`,
                                        `MeshServiceSubset` and `MeshGatewayRoute`
                                      type: string
                                    proxyTypes:
                                      description: |-
                                        ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                                        all data plane types are targeted by the policy.
                                      items:
                                        enum:
                                        - Sidecar
                                        - Gateway
                                        type: string
                                      minItems: 1
                                      type: array
                                    tags:
                                      additionalProperties:
                                        type: string
                                      description: |-
                                        Tags used to select a subset of proxies by tags. Can only be used with kinds
                                        `MeshSubset` and `MeshServiceSubset`
                                      type: object
                                    weight:
                                      default: 1
                                      minimum: 0
                                      type: integer
                                  type: object
                                minItems: 1
                                type: array
                            required:
                            - backendRefs
                            type: object
                        required:
                        - default
                        type: object
                      maxItems: 1
                      type: array
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                minItems: 1
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshtimeouts.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshTimeout
    listKind: MeshTimeoutList
    plural: meshtimeouts
    singular: meshtimeout
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshTimeout resource.
            properties:
              from:
                description: From list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of clients referenced in
                        'targetRef'
                      properties:
                        connectionTimeout:
                          description: |-
                            ConnectionTimeout specifies the amount of time proxy will wait for an TCP connection to be established.
                            Default value is 5 seconds. Cannot be set to 0.
                          type: string
                        http:
                          description: Http provides configuration for HTTP specific
                            timeouts
                          properties:
                            maxConnectionDuration:
                              description: |-
                                MaxConnectionDuration is the time after which a connection will be drained and/or closed,
                                starting from when it was first established. Setting this timeout to 0 will disable it.
                                Disabled by default.
                              type: string
                            maxStreamDuration:
                              description: |-
                                MaxStreamDuration is the maximum time that a stream’s lifetime will span.
                                Setting this timeout to 0 will disable it. Disabled by default.
                              type: string
                            requestHeadersTimeout:
                              description: |-
                                RequestHeadersTimeout The amount of time that proxy will wait for the request headers to be received. The timer is
                                activated when the first byte of the headers is received, and is disarmed when the last byte of
                                the headers has been received. If not specified or set to 0, this timeout is disabled.
                                Disabled by default.
                              type: string
                            requestTimeout:
                              description: |-
                                RequestTimeout The amount of time that proxy will wait for the entire request to be received.
                                The timer is activated when the request is initiated, and is disarmed when the last byte of the request is sent,
                                OR when the response is initiated. Setting this timeout to 0 will disable it.
                                Default is 15s.
                              type: string
                            streamIdleTimeout:
                              description: |-
                                StreamIdleTimeout is the amount of time that proxy will allow a stream to exist with no activity.
                                Setting this timeout to 0 will disable it. Default is 30m
                              type: string
                          type: object
                        idleTimeout:
                          description: |-
                            IdleTimeout is defined as the period in which there are no bytes sent or received on connection
                            Setting this timeout to 0 will disable it. Be cautious when disabling it because
                            it can lead to connection leaking. Default value is 1h.
                          type: string
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        clients.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
              to:
                description: To list makes a match between the consumed services and
                  corresponding configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of destinations referenced in
                        'targetRef'
                      properties:
                        connectionTimeout:
                          description: |-
                            ConnectionTimeout specifies the amount of time proxy will wait for an TCP connection to be established.
                            Default value is 5 seconds. Cannot be set to 0.
                          type: string
                        http:
                          description: Http provides configuration for HTTP specific
                            timeouts
                          properties:
                            maxConnectionDuration:
                              description: |-
                                MaxConnectionDuration is the time after which a connection will be drained and/or closed,
                                starting from when it was first established. Setting this timeout to 0 will disable it.
                                Disabled by default.
                              type: string
                            maxStreamDuration:
                              description: |-
                                MaxStreamDuration is the maximum time that a stream’s lifetime will span.
                                Setting this timeout to 0 will disable it. Disabled by default.
                              type: string
                            requestHeadersTimeout:
                              description: |-
                                RequestHeadersTimeout The amount of time that proxy will wait for the request headers to be received. The timer is
                                activated when the first byte of the headers is received, and is disarmed when the last byte of
                                the headers has been received. If not specified or set to 0, this timeout is disabled.
                                Disabled by default.
                              type: string
                            requestTimeout:
                              description: |-
                                RequestTimeout The amount of time that proxy will wait for the entire request to be received.
                                The timer is activated when the request is initiated, and is disarmed when the last byte of the request is sent,
                                OR when the response is initiated. Setting this timeout to 0 will disable it.
                                Default is 15s.
                              type: string
                            streamIdleTimeout:
                              description: |-
                                StreamIdleTimeout is the amount of time that proxy will allow a stream to exist with no activity.
                                Setting this timeout to 0 will disable it. Default is 30m
                              type: string
                          type: object
                        idleTimeout:
                          description: |-
                            IdleTimeout is defined as the period in which there are no bytes sent or received on connection
                            Setting this timeout to 0 will disable it. Be cautious when disabling it because
                            it can lead to connection leaking. Default value is 1h.
                          type: string
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        destinations.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshtraces.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshTrace
    listKind: MeshTraceList
    plural: meshtraces
    singular: meshtrace
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshTrace resource.
            properties:
              default:
                description: MeshTrace configuration.
                properties:
                  backends:
                    description: |-
                      A one element array of backend definition.
                      Envoy allows configuring only 1 backend, so the natural way of
                      representing that would be just one object. Unfortunately due to the
                      reasons explained in MADR 009-tracing-policy this has to be a one element
                      array for now.
                    items:
                      description: Only one of zipkin, datadog or openTelemetry can
                        be used.
                      properties:
                        datadog:
                          description: Datadog backend configuration.
                          properties:
                            splitService:
                              default: false
                              description: |-
                                Determines if datadog service name should be split based on traffic
                                direction and destination. For example, with `splitService: true` and a
                                `backend` service that communicates with a couple of databases, you would
                                get service names like `backend_INBOUND`, `backend_OUTBOUND_db1`, and
                                `backend_OUTBOUND_db2` in Datadog.
                              type: boolean
                            url:
                              description: |-
                                Address of Datadog collector, only host and port are allowed (no paths,
                                fragments etc.)
                              type: string
                          required:
                          - url
                          type: object
                        openTelemetry:
                          description: OpenTelemetry backend configuration.
                          properties:
                            endpoint:
                              description: Address of OpenTelemetry collector.
                              example: otel-collector:4317
                              minLength: 1
                              type: string
                          required:
                          - endpoint
                          type: object
                        type:
                          enum:
                          - Zipkin
                          - Datadog
                          - OpenTelemetry
                          type: string
                        zipkin:
                          description: Zipkin backend configuration.
                          properties:
                            apiVersion:
                              default: httpJson
                              description: |-
                                Version of the API.
                                https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/trace/v3/zipkin.proto#L66
                              enum:
                              - httpJson
                              - httpProto
                              type: string
                            sharedSpanContext:
                              default: true
                              description: |-
                                Determines whether client and server spans will share the same span
                                context.
                                https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/trace/v3/zipkin.proto#L63
                              type: boolean
                            traceId128bit:
                              default: false
                              description: Generate 128bit traces.
                              type: boolean
                            url:
                              description: Address of Zipkin collector.
                              type: string
                          required:
                          - url
                          type: object
                      required:
                      - type
                      type: object
                    maxItems: 1
                    type: array
                  sampling:
                    description: |-
                      Sampling configuration.
                      Sampling is the process by which a decision is made on whether to
                      process/export a span or not.
                    properties:
                      client:
                        anyOf:
                        - type: integer
                        - type: string
                        default: 100%
                        description: |-
                          Target percentage of requests that will be force traced if the
                          'x-client-trace-id' header is set. Mirror of client_sampling in Envoy
                          https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L127-L133
                          Either int or decimal represented as string.
                        x-kubernetes-int-or-string: true
                      overall:
                        anyOf:
                        - type: integer
                        - type: string
                        default: 100%
                        description: |-
                          Target percentage of requests will be traced
                          after all other sampling checks have been applied (client, force tracing,
                          random sampling). This field functions as an upper limit on the total
                          configured sampling rate. For instance, setting client_sampling to 100%
                          but overall_sampling to 1% will result in only 1% of client requests with
                          the appropriate headers to be force traced. Mirror of
                          overall_sampling in Envoy
                          https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L142-L150
                          Either int or decimal represented as string.
                        x-kubernetes-int-or-string: true
                      random:
                        anyOf:
                        - type: integer
                        - type: string
                        default: 100%
                        description: |-
                          Target percentage of requests that will be randomly selected for trace
                          generation, if not requested by the client or not forced.
                          Mirror of random_sampling in Envoy
                          https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L135-L140
                          Either int or decimal represented as string.
                        x-kubernetes-int-or-string: true
                    type: object
                  tags:
                    description: |-
                      Custom tags configuration. You can add custom tags to traces based on
                      headers or literal values.
                    items:
                      description: |-
                        Custom tags configuration.
                        Only one of literal or header can be used.
                      properties:
                        header:
                          description: Tag taken from a header.
                          properties:
                            default:
                              description: |-
                                Default value to use if header is missing.
                                If the default is missing and there is no value the tag will not be
                                included.
                              type: string
                            name:
                              description: Name of the header.
                              type: string
                          required:
                          - name
                          type: object
                        literal:
                          description: Tag taken from literal value.
                          type: string
                        name:
                          description: Name of the tag.
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                type: object
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: meshtrafficpermissions.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: MeshTrafficPermission
    listKind: MeshTrafficPermissionList
    plural: meshtrafficpermissions
    singular: meshtrafficpermission
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.targetRef.kind
      name: TargetRef Kind
      type: string
    - jsonPath: .spec.targetRef.name
      name: TargetRef Name
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma MeshTrafficPermission
              resource.
            properties:
              from:
                description: From list makes a match between clients and corresponding
                  configurations
                items:
                  properties:
                    default:
                      description: |-
                        Default is a configuration specific to the group of clients referenced in
                        'targetRef'
                      properties:
                        action:
                          description: 'Action defines a behavior for the specified
                            group of clients:'
                          enum:
                          - Allow
                          - Deny
                          - AllowWithShadowDeny
                          type: string
                      type: object
                    targetRef:
                      description: |-
                        TargetRef is a reference to the resource that represents a group of
                        clients.
                      properties:
                        kind:
                          description: Kind of the referenced resource
                          enum:
                          - Mesh
                          - MeshSubset
                          - MeshGateway
                          - MeshService
                          - MeshServiceSubset
                          - MeshHTTPRoute
                          type: string
                        mesh:
                          description: Mesh is reserved for future use to identify
                            cross mesh resources.
                          type: string
                        name:
                          description: |-
                            Name of the referenced resource. Can only be used with kinds: `MeshService`,
                            `MeshServiceSubset` and `MeshGatewayRoute`
                          type: string
                        proxyTypes:
                          description: |-
                            ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                            all data plane types are targeted by the policy.
                          items:
                            enum:
                            - Sidecar
                            - Gateway
                            type: string
                          minItems: 1
                          type: array
                        tags:
                          additionalProperties:
                            type: string
                          description: |-
                            Tags used to select a subset of proxies by tags. Can only be used with kinds
                            `MeshSubset` and `MeshServiceSubset`
                          type: object
                      type: object
                  required:
                  - targetRef
                  type: object
                type: array
              targetRef:
                description: |-
                  TargetRef is a reference to the resource the policy takes an effect on.
                  The resource could be either a real store object or virtual resource
                  defined inplace.
                properties:
                  kind:
                    description: Kind of the referenced resource
                    enum:
                    - Mesh
                    - MeshSubset
                    - MeshGateway
                    - MeshService
                    - MeshServiceSubset
                    - MeshHTTPRoute
                    type: string
                  mesh:
                    description: Mesh is reserved for future use to identify cross
                      mesh resources.
                    type: string
                  name:
                    description: |-
                      Name of the referenced resource. Can only be used with kinds: `MeshService`,
                      `MeshServiceSubset` and `MeshGatewayRoute`
                    type: string
                  proxyTypes:
                    description: |-
                      ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
                      all data plane types are targeted by the policy.
                    items:
                      enum:
                      - Sidecar
                      - Gateway
                      type: string
                    minItems: 1
                    type: array
                  tags:
                    additionalProperties:
                      type: string
                    description: |-
                      Tags used to select a subset of proxies by tags. Can only be used with kinds
                      `MeshSubset` and `MeshServiceSubset`
                    type: object
                type: object
            required:
            - targetRef
            type: object
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: proxytemplates.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ProxyTemplate
    listKind: ProxyTemplateList
    plural: proxytemplates
    singular: proxytemplate
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ProxyTemplate resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: ratelimits.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: RateLimit
    listKind: RateLimitList
    plural: ratelimits
    singular: ratelimit
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma RateLimit resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: retries.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: Retry
    listKind: RetryList
    plural: retries
    singular: retry
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma Retry resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: serviceinsights.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ServiceInsight
    listKind: ServiceInsightList
    plural: serviceinsights
    singular: serviceinsight
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ServiceInsight resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: timeouts.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: Timeout
    listKind: TimeoutList
    plural: timeouts
    singular: timeout
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma Timeout resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: trafficlogs.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: TrafficLog
    listKind: TrafficLogList
    plural: trafficlogs
    singular: trafficlog
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma TrafficLog resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: trafficpermissions.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: TrafficPermission
    listKind: TrafficPermissionList
    plural: trafficpermissions
    singular: trafficpermission
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma TrafficPermission resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: trafficroutes.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: TrafficRoute
    listKind: TrafficRouteList
    plural: trafficroutes
    singular: trafficroute
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma TrafficRoute resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: traffictraces.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: TrafficTrace
    listKind: TrafficTraceList
    plural: traffictraces
    singular: traffictrace
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma TrafficTrace resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: virtualoutbounds.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: VirtualOutbound
    listKind: VirtualOutboundList
    plural: virtualoutbounds
    singular: virtualoutbound
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma VirtualOutbound resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: zoneegresses.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ZoneEgress
    listKind: ZoneEgressList
    plural: zoneegresses
    singular: zoneegress
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Zone name
      jsonPath: .spec.zone
      name: zone
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ZoneEgress resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: zoneegressinsights.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ZoneEgressInsight
    listKind: ZoneEgressInsightList
    plural: zoneegressinsights
    singular: zoneegressinsight
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ZoneEgressInsight resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: zoneingresses.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ZoneIngress
    listKind: ZoneIngressList
    plural: zoneingresses
    singular: zoneingress
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Zone name
      jsonPath: .spec.zone
      name: zone
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ZoneIngress resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
    subresources: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: zoneingressinsights.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ZoneIngressInsight
    listKind: ZoneIngressInsightList
    plural: zoneingressinsights
    singular: zoneingressinsight
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ZoneIngressInsight
              resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: zoneinsights.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: ZoneInsight
    listKind: ZoneInsightList
    plural: zoneinsights
    singular: zoneinsight
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma ZoneInsight resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.14.0
  name: zones.kuma.io
spec:
  group: kuma.io
  names:
    categories:
    - kuma
    kind: Zone
    listKind: ZoneList
    plural: zones
    singular: zone
  scope: Cluster
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          mesh:
            description: |-
              Mesh is the name of the Kuma mesh this resource belongs to.
              It may be omitted for cluster-scoped resources.
            type: string
          metadata:
            type: object
          spec:
            description: Spec is the specification of the Kuma Zone resource.
            x-kubernetes-preserve-unknown-fields: true
        type: object
    served: true
    storage: true
